Posts Tagged ‘security’

Introducing the Vista Event Viewer

November 15th, 2008
Filed Under: Uncategorized

In earlier versions of Windows, the Event Viewer was a very simple program that recorded events which took place on your computer. In those versions, only occurrences the computer determined to be significant were logged. While this was still useful, many administrators wanted a more detailed system that would let them troubleshoot difficult problems and errors. In Windows Vista, the Event Viewer does just that, and a little more.

To start off, let’s figure out how to open the Vista Event Viewer. First, open the Start menu by clicking the Windows Vista orb, then click Control Panel. Once the Control Panel is visible, find and click the Administrative Tools icon. From here it’s pretty much self-explanatory: click Event Viewer.

New features in Vista’s Event Viewer include:

  • Ability to view events from multiple logs simultaneously. In the Windows Vista version, administrators can browse events through filters that search for similar events across multiple logs. Within this customized view, it becomes much easier to troubleshoot viruses and other problems which may occur on your computer. For example, on a multiple-user computer, a spyware program may open Internet Explorer at 7 in the morning without being called up by the user. Using Create Custom View…, an administrator can set up a filter to view the application, security, and system logs during that hour. By seeing this, you could locate a spyware .dll file which was programmed to open IE at 7.
  • Set tasks to act in response to certain events. This feature allows an administrator to plug in automated responses to certain events. If, for example, your computer often wakes up during the night to install updates, the Event Viewer could be used to carry out a task which turns the computer off afterwards. This feature must be used in conjunction with the Task Scheduler, another one of the Administrative Tools.
  • New Log Categories. In the Vista edition, the Event Viewer includes two new categories: Setup and Forwarded Events. Both of these logs are very functional, allowing for more in-depth analysis when troubleshooting viruses, spyware, and hackers. The Setup log records activity which occurs during the setup of new programs and applications. This information could be useful when checking whether an application was installed by the user, and whether it has spyware or other programs attached to it. The Forwarded Events log records what happens during server activity. This log records the ID of other computers, and the events which occur on these computers.
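
The custom view from the first bullet can also be built from PowerShell. This is an added example, not part of the original post; it generates the same kind of query XML that Create Custom View… shows on its XML tab and runs it with Get-WinEvent. The function names and the sample date are made up for illustration.

```powershell
# Added example, not from the original post. The date below is a constructed sample.
function New-CrossLogQuery {
    param(
        [Parameter(Mandatory = $true)][datetime]$Start,
        [int]$Minutes = 60,
        [string[]]$LogName = @('Application', 'Security', 'System')
    )
    # The event log compares TimeCreated against UTC timestamps.
    $fmt  = "yyyy-MM-dd'T'HH:mm:ss.fff'Z'"
    $inv  = [Globalization.CultureInfo]::InvariantCulture
    $from = $Start.ToUniversalTime().ToString($fmt, $inv)
    $to   = $Start.AddMinutes($Minutes).ToUniversalTime().ToString($fmt, $inv)
    # &gt; and &lt; are XML-escaped because the filter is embedded in an XML document.
    $xpath = "*[System[TimeCreated[@SystemTime&gt;='$from' and @SystemTime&lt;='$to']]]"

    # One <Select> per log: the structure a Custom View stores for a multi-log filter.
    $selects = foreach ($log in $LogName) { "    <Select Path=`"$log`">$xpath</Select>" }
    @(
        '<QueryList>'
        "  <Query Id=`"0`" Path=`"$($LogName[0])`">"
        $selects
        '  </Query>'
        '</QueryList>'
    ) -join "`r`n"
}

function Get-CrossLogEvent {
    param([Parameter(Mandatory = $true)][datetime]$Start, [int]$Minutes = 60)
    $query = New-CrossLogQuery -Start $Start -Minutes $Minutes
    # Run elevated: the Security log is not readable from a normal session.
    # SilentlyContinue also hides the "No events were found" error for a quiet hour.
    Get-WinEvent -FilterXml $query -ErrorAction SilentlyContinue |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, LogName, ProviderName, Id, LevelDisplayName, Message
}

# Everything the three logs recorded between 07:00 and 08:00 local time, as one timeline.
$timeline = Get-CrossLogEvent -Start (Get-Date '2008-11-14 07:00')
$timeline | Format-Table TimeCreated, LogName, ProviderName, Id -AutoSize

# Which event sources were active in that hour, busiest first.
$timeline | Group-Object LogName, ProviderName |
    Sort-Object Count -Descending |
    Select-Object Count, Name
```

The string returned by New-CrossLogQuery can also be pasted into the XML tab of the Create Custom View dialog to get the same view inside Event Viewer.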

All in all, the Windows Vista Event Viewer is a vital container of everything which happens on your computer – the ins and outs. Each individual logfile contains admin, operational, analytic, and debug log sections. Using the features in this program, administrators will find it easier to troubleshoot their computer systems.

Fix Security Vulnerabilities with Microsoft Baseline Security Analyzer 2.1

October 6th, 2008
Filed Under: Uncategorized

Microsoft Baseline Security Analyzer 2.1, or MBSA 2.1, is a must-have utility for those concerned with the safety of their computer. It’s a great tool for those with networks or small businesses, because it also allows you to scan for vulnerabilities across the computers on your network. Basically, it detects common security misconfigurations, missing security updates, and any options that have been set that may be of interest, which I will explain later on.

Download MBSA 2.1 Here

Once you download the program, it is really straightforward and easy to use. But if you would like to learn how to scan other computers on your network or how to access the generated security report, feel free to continue reading!

Evaluating a Security Report:

The Security Report is very detailed and effective in presenting information. Let’s take a look at how to use the information to improve your computer’s security. The program even tells you how to fix the problems, so it shouldn’t be very difficult. Below I will just list my interpretation of the issues listed:

User Accounts (Admin / Guest):
Do not overlook this detail, and make sure you are aware of the number of Admin accounts on your computer. If there are more than you know about, this may suggest somebody is accessing your computer without you knowing it. As for the Guest account, you may disable it if you are the only one using the computer. I leave it enabled so my family members can use my computer when I’m not there without accessing my files.
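
The same check can be scripted so it is easy to repeat. This is an added example, not part of the original post and not something MBSA produces; it assumes the default English account names `Administrators` and `Guest`, and the list passed to `-Expected` is a hypothetical set of accounts you recognise.

```powershell
# Added example, not from the original post. 'Administrators' and 'Guest' are the
# default English names; the -Expected list is a hypothetical set of known accounts.
function Get-LocalAdminMember {
    param([string]$ComputerName = $env:COMPUTERNAME)
    $group = [ADSI]"WinNT://$ComputerName/Administrators,group"
    foreach ($member in @($group.Invoke('Members'))) {
        $type  = $member.GetType()
        $path  = $type.InvokeMember('ADsPath', 'GetProperty', $null, $member, $null)
        $class = $type.InvokeMember('Class', 'GetProperty', $null, $member, $null)
        # ADsPath is WinNT://<domain or workgroup>/<computer>/<name> for local accounts,
        # and a bare SID when the account behind the membership no longer exists.
        $parts = ($path -replace '^WinNT://', '') -split '/'
        [pscustomobject]@{ Name = $parts[-1]; Class = $class; Path = $path }
    }
}

function Test-LocalAdminMember {
    param(
        [Parameter(Mandatory = $true)][string[]]$Expected,
        [string]$ComputerName = $env:COMPUTERNAME
    )
    foreach ($m in (Get-LocalAdminMember -ComputerName $ComputerName)) {
        $known = $Expected -contains $m.Name   # -contains is case-insensitive
        [pscustomobject]@{ Name = $m.Name; Class = $m.Class; Known = $known; Path = $m.Path }
    }
}

function Test-GuestEnabled {
    param([string]$ComputerName = $env:COMPUTERNAME)
    $guest = [ADSI]"WinNT://$ComputerName/Guest,user"
    # UserFlags bit 0x2 (ADS_UF_ACCOUNTDISABLE) is set when the account is disabled.
    -not ([int]$guest.UserFlags.Value -band 0x2)
}

# Members you did not list sort first (Known = False); those are the ones to look into.
Test-LocalAdminMember -Expected 'Administrator', 'Owner' |
    Sort-Object Known |
    Format-Table Name, Class, Known, Path -AutoSize

"Guest account enabled: $(Test-GuestEnabled)"
```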

Automatic Updates:
If you want to be protected from the latest risks, this should be enabled. However, I do not have this enabled because I have had issues with my Sound Card and Video Card when installing the drivers recommended through Windows Update. Also, Vista insists their drivers are newer even though I am using beta video card drivers. To prevent them from automatically installing their drivers over mine, I leave automatic installation disabled and just respond immediately when I see the bubble in the right corner alerting me to update. I don’t suggest enabling auto-install if you’ve had driver issues with your hardware.

Windows Firewall:
If Windows Firewall is not enabled on all connections, click on “How to Correct This.” If the problem still persists, go to your Firewall settings, click on the Advanced Tab, and ensure all connections are checked.

As for the other categories, they are pretty straightforward. If you have any questions feel free to ask me in the forum.

How to Scan a Network of Computers:
First you need to determine the “Domain Name” or the IP range you want to scan. If you’re a network administrator, you should already know this type of information or have your own method of finding it, so you won’t need to read the rest of the guide.
If you do know the “Domain Name”, that’s great! But if you don’t, I’m only going to explain how to find the IP range because I’ve had a lot of problems with Windows Vista and Network Domain Names.

What’s an IP address?
In case you don’t know what an IP is, it’s an address assigned to every computer so that it can be identified.

Moving on…
First ensure that all computers are on and logged onto their administrator account. Now before we do anything drastic, your list of IPs probably starts at 192.168.1.100 and ends at 192.168.1.126.
First, put that in and see if it works. If it works, then you’re good to go!
If it doesn’t, you’re going to have to actually log into your router and find out.

First, open the Start Menu, type cmd in the Search bar, and press Enter. Once Command Prompt is open, type

ipconfig

Look for the Default Gateway entry and write down its address. Then open your internet browser and type that address into the address bar. This will take you to your router settings.

The router I’m using is a Linksys WRT54G v8. You might have a different kind of router or firmware, but the steps should be very similar.

First, look for a Status button or tab. Next, you want to click on LAN or DHCP Clients, or a button that will display all the computers connected to the network.

You should get something that looks like this:

Now you know what the IP range is. Simply take the lowest-numbered IP and the highest one, enter them into the IP range boxes, and you should be good to go.