%0 Conference Paper %D 2005 %T Automated checking for Windows host vulnerabilities %A Tamizi,M. %A Weinstein,M. %A Michel Cukier %K application vulnerabilities %K computing system security %K Ferret-Windows software tool %K host vulnerabilities %K network vulnerabilities %K open-source software %K operating systems (computers) %K plug-in module %K program diagnostics %K security of data %K software reliability %K software tools %K system attacks %K Windows host vulnerability checking %K Windows platforms %X Evaluation of computing system security requires knowledge of the vulnerabilities present in the system and of potential attacks against the system. Vulnerabilities can be classified based on their location as application vulnerabilities, network vulnerabilities, or host vulnerabilities. This paper describes Ferret-Windows, a new software tool for checking host vulnerabilities on the Windows platforms. This tool helps system administrators by quickly finding vulnerabilities that are present on a host. It is designed and implemented in a modular way: a plug-in module is used for each vulnerability checked, and each possible output format is specified by a plug-in module. Moreover, several vulnerability fixing plug-in modules exist to help users remove specific vulnerabilities. As a result, Ferret-Windows is extensible, and can easily be kept up-to-date through the addition of checks for new vulnerabilities as they are identified. Finally, Ferret-Windows is a freely available open-source software %P 10 pp. -148 - 10 pp. -148 %8 2005/11// %G eng %R 10.1109/ISSRE.2005.11