The protection of the business goes for ...router, firewalls, iptables, strict change of password, restrictive policy... But it will be ever an user Windows so 'it' to put in all danger that? No, all they know that they throw not executable not requests, even if with names obviously at risk. But we are secure? I have therefore invented a fine teaching test. And 'an executable one (Open Source in Visual Basic). I called it ChickenFinder but to the use agrees to reelect it in GameSuper PacMan or other names winning, more the name is obviously dangerous more the test is significant. It put the exe in an attractive directory of net shared under the eyes of everything. The program tace that user Win threw it, when and from that PC. It asks confirmation (and too that track). It asks the email (and too that track). It asks to record be invented a password (holds of it from account the length and if the characters are all equal to understand if is likely, but does not memorize it, it does not want to be a spyware). Well an escalation of 'stupidity'. If an it arrives at the end it Chicken says! (Of default, honestly the minimum that says), or what seems yourselves or be able to put us an 'Error 221 in ExtraCicken. DLL' (in manner that who is fallen down us you do not alert other), or can send again to a site that want. The output goes out in a file of text with the same name of the program of default in the same directory with extension jpg (but is a textual log), the eventual configurations go instead in a bmp (other file of text). The program can be been depicted and translated in any language executing chickenrun configure Particularly situations advise to carry the results (without to present the names) to who of skill. Can be that is better spend better for for the Policy and a little more to re-educate the users. The not use of layout via Web or FTP is wanted, the program is and should stay a do not invasive test. CAUTION it is directed to the utilization aside of directors of system that should treat the data obtained in consistent manner to the normative one on the privacy. Normally is correct to talk about the results but not of the persons. The program is in English but in a italian site. www.holzl.it at and of page 'Security Test ...'.