How do I analyze the security of my Windows workstation?

You can run a network scan of your Windows computer to find out whether any services are visible over the network and are therefore potential attack points for a hacker. Gibson Research Corporation provides a free testing service called ShieldsUp!. Start at https://grc.com/x/ne.dll?bh0bkyd2 and click the Probe My Ports link.

This page launches a network probe of your computer and displays which service ports are accepting connections. You can use this information to close down the services you do not want running.

Be careful about implementing all of Gibson's recommendations for closing ports. Some recommendations could conflict with settings needed for an internal network. For example, he recommends removing NetBIOS over TCP/IP, which will prevent outside hackers from probing for insecure file shares. But this will make a computer that is part of a Windows NT domain completely unusable (you can't even log in)! For stand-alone computers, disabling NetBIOS over TCP/IP can prevent you from accessing any campus file servers.
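To match the ports an outside probe reports against what is actually listening on the workstation, you can review the output of `netstat -ano` locally. The following is an added example, not part of the original FAQ or of ShieldsUp!: it assumes the column layout printed by Windows versions whose netstat supports the -o switch, the sample output is constructed, and the function name is hypothetical.

```python
import re

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1720
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING       4
  TCP    192.168.1.20:1045      203.0.113.7:80         ESTABLISHED     2312
  UDP    192.168.1.20:137       *:*                                    4
  UDP    127.0.0.1:1900         *:*                                    1388
"""

# Well-known Windows ports; 137-139 are the NetBIOS over TCP/IP ports.
KNOWN = {135: "RPC endpoint mapper", 137: "NetBIOS name service",
         138: "NetBIOS datagram", 139: "NetBIOS session (file sharing)",
         445: "SMB over TCP (file sharing)"}

# Proto, local address:port, foreign address, optional state, PID.
LINE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)\s+(?:(\w+)\s+)?(\d+)\s*$")

def exposed_listeners(netstat_text):
    """Return network-reachable listeners as sorted (proto, port, pid, label) tuples."""
    found = set()
    for line in netstat_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # headers and blank lines
        proto, addr, port, _foreign, state, pid = m.groups()
        # TCP sockets accept connections only in LISTENING; UDP rows have no state.
        if proto == "TCP" and state != "LISTENING":
            continue
        # Loopback-bound sockets are not visible to an outside probe.
        if addr.startswith("127.") or addr == "[::1]":
            continue
        found.add((proto, int(port), int(pid), KNOWN.get(int(port), "unknown service")))
    return sorted(found, key=lambda r: (r[1], r[0]))

if __name__ == "__main__":
    for proto, port, pid, label in exposed_listeners(SAMPLE_NETSTAT):
        print(f"{proto:3} {port:5}  PID {pid:<5} {label}")
```

The PID column identifies the process that owns each port, which tells you which service to review. Ports 137 to 139 belong to NetBIOS over TCP/IP, so check the domain and file-server caveat above before closing them.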

Microsoft released a Baseline Security Analyzer tool at http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/Tools/MBSAhome.asp to examine Windows NT, 2000, or XP computers for security problems. It checks that you have correctly installed all Windows security fixes. It examines many of your computer's configuration settings, such as file sharing, guest accounts, accounts with no password, and active network services. It indicates which settings are potential security holes, and it explains the scanned areas and how to fix any problems. Run this after you have taken all the steps listed above to secure your computer.