• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

SANS Top 20 Threats

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Fri Dec 06, 2002 3:08 am    Post subject: SANS Top 20 Threats Reply with quote

From sans.org top 20 security threats:

Full details at http://www.sans.org/top20/#index

Top Vulnerabilities to Windows Systems
W1 Internet Information Services (IIS)
W2 Microsoft Data Access Components (MDAC) --
Remote Data Services
W3 Microsoft SQL Server
W4 NETBIOS -- Unprotected Windows Networking
Shares
W5 Anonymous Logon -- Null Sessions
W6 LAN Manager Authentication -- Weak LM Hashing
W7 General Windows Authentication -- Accounts
with No Passwords or Weak Passwords
W8 Internet Explorer
W9 Remote Registry Access
W10 Windows Scripting Host

Top Vulnerabilities to Unix Systems
U1 Remote Procedure Calls (RPC)
U2 Apache Web Server
U3 Secure Shell (SSH)
U4 Simple Network Management Protocol (SNMP)
U5 File Transfer Protocol (FTP)
U6 R-Services -- Trust Relationships
U7 Line Printer Daemon (LPD)
U8 Sendmail
U9 BIND/DNS
U10 General Unix Authentication -- Accounts with No
Passwords or Weak Passwords

Which do you think are the easiest for kiddies?
Back to top
View user's profile Send private message Visit poster's website
ShaolinTiger
Forum Fanatic
Forum Fanatic


Joined: 18 Apr 2002
Posts: 16777215
Location: Kuala Lumpur, Malaysia

Offline

PostPosted: Fri Dec 06, 2002 11:37 am    Post subject: Reply with quote

Internet Information Services (IIS) - Unicode.

Secure Shell (SSH) - The sploit comes as a binary and spawns a listener for you.

Both very easy.
Back to top
View user's profile Send private message Visit poster's website
flw
Forum Fanatic
Forum Fanatic


Joined: 27 May 2002
Posts: 16777215
Location: U.S.A.

Offline

PostPosted: Fri Dec 06, 2002 9:48 pm    Post subject: Reply with quote

Quote:
Secure Shell (SSH) - The sploit comes as a binary and spawns a listener for you.


Very True. Just had to do somework on this exact issue today.
Back to top
View user's profile Send private message Visit poster's website
Jason
Forum Fanatic
Forum Fanatic


Joined: 19 Sep 2002
Posts: 16777215


Offline

PostPosted: Sat Dec 07, 2002 2:29 am    Post subject: Re: SANS Top 20 Threats Reply with quote

fastlanwan wrote:
Which do you think are the easiest for kiddies?


Anything that comes complete with 'sploit, one line manual and a lolly pop Very Happy Very Happy

J
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register