This may be useful if you have a windows based firewall and want to check perms
on it.
When on site for a client I needed to check the user permissions of certain
user accounts on an EPOS system. I needed to know what users could and could
not access. This tool goes a long way to answering the question of what access
a user has to the system.
There are lots of tools for checking the settings but nothing that was good
enough to check the rights, permissions and access that I needed to check. So
here is the ?Windows Permission Identifier?. WPI. It?s an early version so
please report any bugs and send any of your own policies you think would be
useful.
Name: Windows Permission Identifier v1.0 [ZIP 392 KB]
Released: 17th Jan 2006
System Requirements: Windows 2000 or higher
Credit: Nathan House
Abstract: This tool enables administrators and penetration testers to review
and audit the permissions of users on a windows machine.
Windows Permission Identifier can check;
File ACLs
Folder ACLs
Registry ACLs
Services Permissions
Shares
Installation rights
Internet Access and so on.
The GUI enables the administrator to create policies that can be saved in XML
format. The windows machines permissions are then checked against this policy.
This enables administrators to run checks against existing organisational
windows security baseline documents. Policies can be saved in XML format and
all results can be exported for further use.
WARNING: The policy that is included is a sample of the functionality of the
tool. It is not a security policy that should be followed.
Report Bugs & send your own policy files : nhouse[at]stationx.net
It would be very useful to the community if you send me any policies you
create. For example, Firewall, Web server, desktop, domain controller or what
ever you create. I will upload your policy files to the site and credit you.
Download: http://www.stationx.net/windows_permission_identifier.php
http://www.stationx.net/
IT Security for Home and Business
