SANS Top 20 Threats

Networking/Security Forums -> Exploits // System Weaknesses

Author: flwLocation: U.S.A. PostPosted: Fri Dec 06, 2002 3:08 am    Post subject: SANS Top 20 Threats
    ----
From sans.org top 20 security threats:

Full details at http://www.sans.org/top20/#index

Top Vulnerabilities to Windows Systems
W1 Internet Information Services (IIS)
W2 Microsoft Data Access Components (MDAC) --
Remote Data Services
W3 Microsoft SQL Server
W4 NETBIOS -- Unprotected Windows Networking
Shares
W5 Anonymous Logon -- Null Sessions
W6 LAN Manager Authentication -- Weak LM Hashing
W7 General Windows Authentication -- Accounts
with No Passwords or Weak Passwords
W8 Internet Explorer
W9 Remote Registry Access
W10 Windows Scripting Host

Top Vulnerabilities to Unix Systems
U1 Remote Procedure Calls (RPC)
U2 Apache Web Server
U3 Secure Shell (SSH)
U4 Simple Network Management Protocol (SNMP)
U5 File Transfer Protocol (FTP)
U6 R-Services -- Trust Relationships
U7 Line Printer Daemon (LPD)
U8 Sendmail
U9 BIND/DNS
U10 General Unix Authentication -- Accounts with No
Passwords or Weak Passwords

Which do you think are the easiest for kiddies?

Author: ShaolinTigerLocation: Kuala Lumpur, Malaysia PostPosted: Fri Dec 06, 2002 11:37 am    Post subject:
    ----
Internet Information Services (IIS) - Unicode.

Secure Shell (SSH) - The sploit comes as a binary and spawns a listener for you.

Both very easy.

Author: flwLocation: U.S.A. PostPosted: Fri Dec 06, 2002 9:48 pm    Post subject:
    ----
Quote:
Secure Shell (SSH) - The sploit comes as a binary and spawns a listener for you.


Very True. Just had to do somework on this exact issue today.

Author: Jason PostPosted: Sat Dec 07, 2002 2:29 am    Post subject: Re: SANS Top 20 Threats
    ----
fastlanwan wrote:
Which do you think are the easiest for kiddies?


Anything that comes complete with 'sploit, one line manual and a lolly pop Very Happy Very Happy

J



Networking/Security Forums -> Exploits // System Weaknesses


output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Page 1 of 1

Powered by phpBB 2.0.x © 2001 phpBB Group