CIS is a free security scanner written and maintained by Cerberus Information Security, Ltd and is designed to help administrators locate and fix security holes in their computer systems. Runs on Windows NT or 2000. Features: * Takes a modular approach. Each scan module is implemented as a DLL so when an update to a particular module occurs the user only needs to download the updated DLL. Added to this the user can choose which modules they want to run. * Comprehensive - pushing around 300 checks. As far as scanning web servers goes CIS is one of the best. When compared against the market leading scanners CIS usually finds more security issues. * Hidden Command line capability - run scans in the background. This means that if a user wants to scan a large number of hosts they can implement this in a batch file and once a scan has started control is returned to the command prompt so the next and subsequent scans can start immediatley. C:\CIS\>cis host * Scan modules include WWW, SQL, ftp, various NT checks, SMTP, POP3, DNS, finger and more * Backed by one of the World's best security teams, the CST (Cerberus Security Team). * Reports generated are HTML based with hyper-text links to more information * Easy to use Graphical User Interface * Multi-threaded so scan time is minimized. * Light on memory usage * Updated on a very regular basis The CIS homepage is located at: http://www.cerberus-infosec.co.uk/cis.shtml