New SANS/FBI Top 20 List

Posted by timothy on Wednesday October 8, 2003 @09:14AM from the reverse-pecking-order dept.

An anonymous reader submits "The SANS Institute (together with the FBI) published today an updated version of its list of The Twenty Most Critical Internet Security Vulnerabilities. As usual, part of the news is that not too much has changed. The list is split into 10 Unix and 10 Windows vulnerabilities. Leaders are BIND and IIS (last year it was RPC on the Unix side). But some issues (weak passwords) made it into both lists. For last years version, see here. In addition to this list, and a lot of other stuff, the SANS institute is behind DShield and the Internet Storm Center."

1 of 199 comments (clear)

Min score:

Reason:

Sort:

Re:hurdy gurdy wurdy furdy by woozlewuzzle · 2003-10-08 09:38 · Score: 5, Insightful

you're missing the point. They aren't trying to criticize these products. They are letting administrators know what services are being succesfully attacked the most. If you are a decent admin that isn't totally overworked, you've probably already patched and secured these services if you are running them. That is the point. They don't have the same agenda as many of the butt munches on /.