Slashdot Mirror


SANS/FBI Release Top 20 Security Vulnerabilities

theBraindonor writes "SANS Institute and the FBI have compiled a listing of The Twenty Most Critical Internet Security Vulnerabilities. The list is broken down into two groups: Windows Systems and Unix Systems." The list of Unix vulnerabilities is also a list of the network programs I (and presumably many others) use most. It's a good thing there's BugTraq.

9 of 268 comments

  1. Well, that settles that argument by Johnathon Walls · · Score: 1, Funny

    It's a perfect split, 50/50 (or 10 and 10). I hope this settles the "which OS is more secure" debate once and for all.

    Like I've been saying, they're exactly the same.

    -- Ignorance is Bliss.

    1. Re:Well, that settles that argument by Gyorg_Lavode · · Score: 3, Funny

      They are exactly equal because they chose 10 Windows exploits and 10 *nix exploits. If they had chosen 20 exploits from both Windows and *nix they would have numbered from 1 to 20.

      --
      I do security
  2. Now if only ... by rhysweatherley · · Score: 4, Funny

    ... the script kiddie who's been banging on my firewall for the last two weeks would just give up and go away, I'd be a happy camper.

    Free Clue: if you didn't get in on the first 2000 tries, go waste someone else's bandwidth!

    1. Re:Now if only ... by derF024 · · Score: 5, Funny

      Have some fun with ipchains and the "mirror" directive. All of a sudden, to him, your machine will appear to be an exact duplicate of his. Maybe he'll even root his own machine in the process :-P

  3. I am disappointed... by funwithBSD · · Score: 5, Funny

    the "Slashdot Effect" DOS did not make the top 20.

    --
    Never answer an anonymous letter. - Yogi Berra
  4. W10 by Tablizer · · Score: 2, Funny

    Top 10 Windows Vulnerabilities:

    1. Windows
    2. Windows
    3. Windows
    4. Windows
    5. Windows
    6. Windows
    7. Windows
    8. Windows
    9. Windows
    10. Windows

  5. Out of the mouths ... by smallfeet · · Score: 2, Funny

    We had to install a virus checker on our Unix boxes at work. In the manual they ask the question 'Why a virus checker for Unix?'. Their reply was 'because of all the Windows viruses'. Seems they thought it a good idea to catch them before they got to the Windows boxes. They are the professionals, I have to believe them.

  6. meaningful typo by darkonc · · Score: 4, Funny

    In the article, it says:
    Nearly all Linux systems and many other Unix systems come with Apache installed and often by fault enabled.

    Although I presume that they meant to say 'by default enabled', I (like many others) feel that it is an error to have most facilities enabled by default. Thus the default is IMHO a fault.

    I would much rather have various facilities disabled by default, with easily-accessible tools which enable those facilities (and give appropriate security warnings). Manufacturers, like Sun, who ship machines with everything and their dogs enabled should be hung by their toes and beaten mercilessly with burnt-out '286s.
    The standard defence that most of these systems ship to sites with well-trained sysadmins who know what to disable is silly. If a site has well-trained sysadmins, then they should know how to enable the required facilities. Sites without well-trained sysadmins probably don't have good security, either, and most desperately need to have all of those holes covered when the system ships.

    For admins who care more about getting a system running easily than they do about security, vendors like Sun could have a program (named 'goahead-shootme') that enables all facilities just like the old (de)fault had it. Better yet, of course, would be a simple menu-driven / GUI program that allowed you to turn on/off various facilities and daemons (and possibly even provided an explanation of why). -- Bastille Linux comes to mind...

    --
    Sometimes boldness is in fashion. Sometimes only the brave will be bold.
  7. Re:So How Many by Anonymous Coward · · Score: 1, Funny

    Please tell me that that's another language, and not just a terrible mangling of the English language.