SANS Top 10 Threats

In case you're wondering which threats are enshrined in this year's SANS top 10:

1. BIND weaknesses -- nxt, qinv, and in.named allow immediate root compromise.
2. Vulnerable CGI programs and application extensions (e.g., ColdFusion) installed on Web servers.
3. Remote Procedure Call (RPC) weaknesses in rpc.ttdbserverd (ToolTalk), rpc.cmsd (Calendar Manager), and rpc.statd that allow immediate root compromise.
4. RDS security hole in Microsoft Internet Information Server (IIS).
5. Sendmail and MIME buffer overflows as well as pipe attacks that allow immediate root compromise.
6. sadmind and mountd.
7. Global file sharing and inappropriate information sharing via NetBIOS and Windows NT ports 135->139 (445 in Windows 2000), or UNIX NFS exports on port 2049, or Macintosh Web sharing or AppleShare/IP on ports 80, 427, and 548.
8. User IDs, especially root/administrator with no passwords or weak passwords.
9. IMAP and POP buffer overflow vulnerabilities or incorrect configuration.
10. Default SNMP community strings set to public and private.

For more on the SANS top 10 list, see http://www.sans.org/topten.htm.