The SysAdmin, Audit, Network, Security (SANS) Institute, in conjunction
with the Federal Bureau of Investigation (FBI) has updated its
ever-changing Top 20 list of security threats, broken down by the two
largest operating systems used by corporate network — Windows and Unix.
The list, which “is especially intended for those organizations that lack
the resources to train, or those without technically-advanced security
administrators,” names security threats that are relatively easy for a
would-be cracker (a Black Hat hacker) or script-kiddie to exploit running a
port scanner. These scanners list the software and version used on the network and then create a blueprint they can use as they look for weaknesses.
Knowing the software version, for example, a cracker can run scripts aimed
at known flaws in the application, giving them back-door access to the
entire network, including personal information, passwords, or even the
ability to wreak havoc by flooding the network with denial of service (DoS)
or distributed DoS attacks.
Following is the most current Top 20 list of security weak spots.
Windows
sessions,
Unix
shell (SSH),
Protocol (FTP)
Officials recommend network and system administrators concentrate their resources on the
above list immediately before any other network fixes. They said disabling
the network service, upgrading to the most recent version and applying a
cumulative patch are the best quick-fixes to potentially leaky networks.
Officials realize many IT departments in smaller firms — as well in major
corporations — around the U.S. have been slow to patch its networks,
either because they are under-funded or just unaware of the latest threats.
Private and public companies, as well as government agencies, took part in
gathering the list of most-damaging network threats. Security companies
like Qualys, Symantec and Internet Security Systems
comprised one testing group, while another group made
up of actual corporations or government agencies comprised the other; both
came up with their list of the most damaging vulnerabilities.