Home

SANS / FBI The Twenty Most Critical Internet Security Vulnerabil

Thu, 2002-10-03 23:53 — Kjartan

Top Vulnerabilities to Windows System

  1. Internet Information Services (IIS)
  2. Microsoft Data Access Components (MDAC) -- Remote Data Services
  3. Microsoft SQL Server
  4. NETBIOS-- Unprotected Windows Networking Shares
  5. Anonymous Logon-- Null Sessions
  6. LAN Manager Authentication-- Weak LM Hashing
  7. General Windows Authentication-- Accounts with No Passwords or Weak Passwords
  8. Internet Explorer
  9. Remote Registry Access
  10. Windows Scripting Host

Top Vulnerabilities to Unix Systems

  1. Remote Procedure Calls (RPC)
  2. Apache Web Server
  3. Secure Shell (SSH)
  4. Simple Network Management Protocol (SNMP)
  5. File Transfer Protocol (FTP)
  6. R-Services-- Trust Relationships
  7. Line Printer Daemon (LPD)
  8. Sendmail
  9. BIND/DNS
  10. General Unix Authentication-- Accounts with No Passwords or Weak Passwords

[SANS / FBI The Twenty Most CriticalInternet Security Vulnerabilities]

Logically enough the vulnerabilities are more or less the same on Windos and Unix. I feel like I am upgrading Apache and PHP once a month, but overall any serious issues I can patch moments after I hear about a new security issue.

Comments

Sat, 2008-09-13 10:38 — muhabbet (not verified)

Thanks

Thanks You
__________________________
Sohbet & muhabbet