SANS lists top-20 security vulnerabilities

Monday, October 11th, 2004
by Greg Hughes

The new SANS 2004 Top 20 list of critical Internet security vulnerabilities is out. It’s actually two top-10 lists, one for Windows and one for UNIX:

Top Vulnerabilities to Windows Systems

W1 Web Servers & Services
W2 Workstation Service
W3 Windows Remote Access Services
W4 Microsoft SQL Server (MSSQL)
W5 Windows Authentication
W6 Web Browsers
W7 File-Sharing Applications
W8 LSAS Exposures
W9 Mail Client
W10 Instant Messaging

Top Vulnerabilities to UNIX Systems

U1 BIND Domain Name System
U2 Web Server
U3 Authentication
U4 Version Control Systems
U5 Mail Transport Service
U6 Simple Network Management Protocol (SNMP)
U7 Open Secure Sockets Layer (SSL)
U8 Misconfiguration of Enterprise Services NIS/NFS
U9 Databases
U10 Kernel

Tags

Categories

Security

What Do You Think?

Want to Start a Blog Here for Free?

Are you an expert in one subject or another? If your goal is to help others and dispense hard-earned information back to the community, stake a claim on your very own Lockergnome blog today! You can write about anything - no matter the topic. Sign-up to start blogging!

Resources - Jul 24, 2008

Better Software Magazine

Troubleshooting Encryption In Vista Part II
Thursday, July 24, 2008
Bluesnarfing - Should We Worry?
Wednesday, July 23, 2008
Is Your DNS Server Safe? Major Security Hole Needs To Be Patched Right Now!
Wednesday, July 23, 2008
Troubleshooting Encryption In Vista Part I
Wednesday, July 23, 2008
Try MyFax Free For 30 Days
Wednesday, July 23, 2008

GnomeREPORT - Jul 22, 2008

Why Was It Removed?

Touch Screen Computing - The Future?
Tuesday, July 22, 2008
Troubleshooting User Network Performance Issues With SolarWinds
Tuesday, July 22, 2008
Setting Up Encryption In Vista Part III
Tuesday, July 22, 2008
The Essential Guide To Solving Server Sprawl
Tuesday, July 22, 2008
It Is Windows Only Smaller
Friday, July 18, 2008

Tips - Jul 16, 2008

Setting Up Encryption In Vista Part I

What’s Good For The Environment Is Good For Business
Wednesday, July 16, 2008
Psystar Is Taken To Task By Apple
Tuesday, July 15, 2008
Powering Off Goes Wrong
Tuesday, July 15, 2008
Planning For Encryption In Vista Part II
Tuesday, July 15, 2008
Microsoft Mobile Business Resource Kit
Tuesday, July 15, 2008

GnomeREPORT - Jul 14, 2008

Palm Treo - We Care Why?

Apple Update-A-Palooza
Monday, July 14, 2008
Planning For Encryption In Vista Part I
Monday, July 14, 2008
Vulnerability Management For Dummies
Monday, July 14, 2008
Faster Internet, Anyone?
Friday, July 11, 2008
Hyper-V Now Available For Windows Server
Friday, July 11, 2008