SANS top 20 weaknesses exposed

The SANS Institute has provided some much-needed advice to help organisations concerned about Internet-related weaknesses activate their defences.

The Institute claims that most worms and other successful cyber attacks are made possible by weaknesses in a small number of common operating system services.

Attackers take the easiest and most convenient route in, exploiting the best-known flaws and counting on organisations not to fix the problems.

They also attack indiscriminately, scanning the Internet for vulnerable systems. The spread of Blaster, Slammer and Code Red is traced back directly to the exploitation of unpatched vulnerabilities.

The list is made up of two top ten lists: the ten most commonly exploited vulnerable services in Windows and the ten most commonly exploited vulnerabilities in UNIX and Linux.

The top 20 is a consensus view made from the thoughts of dozens of leading security experts, including the most security-conscious government agencies in the UK, US and Singapore.

The top ten vulnerabilities for Windows are: Web servers & services; Workstation service; Windows remote access services; Microsoft SQL Server; Windows authentication; Web browsers; file-sharing applications; LSAS exposures; mail client and instant messaging.

The top ten vulnerabilities for UNIX are: BIND domain name system; Web server; authentication; version control systems; mail transport service; Simple Network Management Protocol; Open Secure Sockets Layer; misconfiguration of enterprise services; databases and kernel.

Howard Schmidt, the former White House cyber-security advisor, describes the SANS Top-20 as "the definitive guide to the most serious Internet vulnerabilities and security exposures, providing organisations around the world with clear guidance on how to identify, mitigate and eliminate core threats to their network and business."
