SANS Says Internet Security Problems Proliferate
John Stith | Staff Writer | 2005-05-03
The SANS Institute has published its Top 20 list of internet vulnerabilities. Over 600 new vulnerabilities were discovered during the first quarter of this year. Many companies were mentioned, including Symantec and Microsoft, as well as media players and iTunes, and SANS stated that these companies need to work on closing security holes.
Internet Threats Continue To Grow

SANS offers a number of recommendations and shows that even the most trusted companies are vulnerable to attacks. With a number of additions this year, companies should take advantage of this information and take steps to prevent problems from occurring in their systems.
The vast majority of worms and other successful cyber attacks are made possible by vulnerabilities in a small number of common operating system services. Attackers are opportunistic. They take the easiest and most convenient route and exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems. The easy and destructive spread of worms, such as Blaster, Slammer, and Code Red, can be traced directly to exploitation of unpatched vulnerabilities.
"These critical vulnerabilities are
widespread and many of them are being exploited, right now, in our
homes and in our offices," according to Alan Paller, director of
research for the SANS Institute. "We're publishing this list as a
red flag for individuals as well as IT departments. Too many people
are unaware of these vulnerabilities, or mistakenly believe their
computers are protected."
This SANS Top-20 2004 is actually
two Top Ten lists: the ten most commonly exploited vulnerable
services in Windows and the ten most commonly exploited elements in
UNIX and Linux environments. Although there are thousands of
security incidents each year affecting these operating systems, the
overwhelming majority of successful attacks target one or more of
these twenty vulnerable services.
Roger Cumming, Director of
NISCC, the British Government's Cybersecurity and Critical
Infrastructure office, commented on the new list, "This extremely
valuable SANS list of critical vulnerabilities highlights the need
for administrators of IT systems to stay up to date with patches and
advances in security architecture that product vendors have been
implementing."
"The SANS Top 20 list is a widely recognized
benchmark for identifying the most critical security
vulnerabilities," said Gerhard Eschelbeck, CTO and VP of Engineering
at Qualys. "Threats are evolving at a much faster rate,
necessitating regular updates to the list to ensure organizations
have the most current information possible on critical security
vulnerabilities."
"It is important to draw people's
attention to these vulnerabilities because they could result in
severe consequences if not properly resolved," said Marc
Willebeek-LeMair, Chief Technology Officer of 3Com's TippingPoint
division.
Top Vulnerabilities to Windows Systems
· W1 Web Servers & Services
· W2 Workstation Service
· W3 Windows Remote Access Services
· W4 Microsoft SQL Server (MSSQL)
· W5 Windows Authentication
· W6 Web Browsers
· W7 File-Sharing Applications
· W8 LSAS Exposures
· W9 Mail Client
· W10 Instant Messaging

Top Vulnerabilities to UNIX Systems
· U1 BIND Domain Name System
· U2 Web Server
· U3 Authentication
· U4 Version Control Systems
· U5 Mail Transport Service
· U6 Simple Network Management Protocol (SNMP)
· U7 Open Secure Sockets Layer (SSL)
· U8 Misconfiguration of Enterprise Services NIS/NFS
· U9 Databases
· U10 Kernel
These critical new vulnerabilities are
selected from data compiled for @RISK, the free, authoritative
vulnerability summary issued by SANS (and co-authored by experts
from TippingPoint and Qualys) each week to more than 100,000
security professionals around the world. They represent only those
vulnerabilities first discovered or patched during the first quarter
of calendar year 2005.
Any person or organization
running the vulnerable software products should ensure that they or
their computer support professionals have corrected the specific
problems listed. (The vulnerable software packages are listed at the
end of this release and details on each of the vulnerabilities, and
instructions on correcting them, may be found at
www.sans.org/top20/Q1-2005update.)
About the Author: John is a recent PR grad with a big interest in international security.