SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Study Outs Top Internet Vulnerabilities
Research from SANS Institute highlights the top 20 system security vulnerabilities
October 9, 2004
2 Min Read
If you want to prevent your business from being decimated by the next Code Red or Nimda worm then its time to check your systems. This is the message from the SANS (SysAdmin, Audit, Network, Security) Institute and top government officials on both sides of the Atlantic, who today unveiled the latest list of the world’s top 20 Internet security vulnerabilities.
So, what should you be looking out for? In the Windows world, Web servers are most at risk, closely followed by workstations and remote access services. It's a similar story in the Unix arena, where Web servers are also particularly vulnerable to external threats.
The challenge for both Unix and Windows users is how to securely install a major application as well as all the support applications that make it work. Rick Fleming, CTO at San Antonio-based security specialist Digital Defense (Nasdaq: MSFT) is not at all surprised by the SANS Institute’s findings. “It’s a fairly large headache [for users],” he says. “The latest version of Office 2003 is a great product but if your firewall is not configured correctly, or your SQL 2003 database is not configured correctly, you will have vulnerabilities.”
As far as Web servers are concerned, the Institute warns users to pay particular attention to default installations of HTTP servers and other components used for serving HTTP requests. Failure to keep patches up to date could result in a denial of service (DOS) or even exposure of sensitive files.
The top five Windows vulnerabilities are:
1. Web Servers & Services 2. Workstation Service 3. Windows Remote Access Services 4. Microsoft SQL Server
5. Windows Authentication
But it would be foolish to presume that Windows systems have the monopoly on being at risk. The main menace in the Unix world affects the Berkeley Internet Domain (BIND) package, which is one of the most widely-used implementations of the domain name service (DNS), a system that converts hostnames into IP addresses.
Because of the prevalence of BIND in Unix systems, the package is frequently hit with DOS and buffer-overflow attacks, according to the SANS Institute. This situation has been exacerbated by bad configuration files and system administrators who are not aware of the available security upgrades, it says.
The top five Unix vulnerabilities are:
1. BIND Domain Name System 2. Web Server3. Authentication4. Version Control Systems5. Mail Transport Service
Supported by both the Department of Homeland Security and the U.K. government’s Home Office department, the list is based on the findings of government agencies and vendors such as Cisco Systems Inc. (Nasdaq: CSCO), Symantec Corp. (Nasdaq: SYMC), and Microsoft Corp. (Nasdaq: MSFT).
— James Rogers, Site Editor, Next-gen Data Center Forum0
You May Also Like
More Insights
