Top 20 vulnerabilities for Windows/Unix

Author
Aron Schatz
Posted
October 4, 2002
Views
1622
Tags Bugs

Page All:

Page 1
10 for each OS in this SANS/FBI list. IIS is the largest vulnerability for Windows. But Apache is second on the Unix list.

Quote

While experienced security administrators will find the Top Twenty to be a valuable resource in their arsenal, the list is especially intended for those organizations that lack the resources to train, or those without technically-advanced security administrators. The individuals with responsibility for networks in those organizations often report that they have not corrected many of these flaws because they simply do not know which vulnerabilities are most dangerous, they are too busy to correct them all, or they do not know how to correct them safely. Traditionally, auditors and security managers have used vulnerability scanners to search for five hundred or a thousand or even two thousand very specific vulnerabilities, blunting the focus administrators need to ensure that all systems are protected against the most common attacks. When a system administrator receives a report showing thousands of vulnerabilities across hundreds of machines, he is often paralyzed.

Title

Medium Image View Large