Results 1 to 8 of 8
  1. #1
    Join Date
    May 2002

    FBI names 20 most unwanted security flaws

    Many of you may already be aware of this, but thought I would post it anyway, as it makes good reading: According to the FBI, the following are the top vulnerabilities to Windows/ Unix.

    Top Vulnerabilities to Windows Systems

    1.Internet Information Services (IIS)
    2.Microsoft Data Access Components (MDAC) - Remote Data Services
    3.Microsoft SQL Server
    4.NETBIOS - unprotected Windows Networking Shares
    5.Anonymous Logon - Null Sessions
    6.LAN Manager Authentication - weak LM hashing
    7.General Windows Authentication - accounts with no passwords or weak passwords
    8.Internet Explorer
    9.Remote Registry Access
    10.Windows Scripting Host

    Top Vulnerabilities to Unix Systems

    1.Remote Procedure Calls (RPC)
    2.Apache Web Server
    3.Secure Shell (SSH)
    4.Simple Network Management Protocol (SNMP)
    5.File Transfer Protocol (FTP)
    6.R-Services - trust relationships
    7.Line Printer Daemon (LPD)
    10.General Unix Authentication - accounts with no passwords or weak passwords

    The source:

  2. #2
    Join Date
    Aug 2002
    It also happens that they are the most used.

    So.. I mean something that is never used is not going to become a top vulnerability is it?

    I think this just shows us what is popular and what is not

  3. #3
    Join Date
    Apr 2002
    7.General Windows Authentication - accounts with no passwords or weak passwords

    I don't think it matters what OS you run... a weak password makes it easy to get in lol


  4. #4
    Join Date
    Sep 2002
    perl -le '$_=`man perlfaq1`;print/"(j.*)"/'
    Almost all of the U.S. Government agencies, including the FBI, run Microsoft. My cat could get her MCSE. The more useful something becomes, the more it is exploited. The FBI is a great example of this point.
    Richard Ward
    1 NET LANE, LLC.
    The low cost data center.

  5. #5
    Join Date
    Aug 2000
    Originally posted by faculty
    It also happens that they are the most used.
    Exactly; that's what the list is: the most commonly exploited vulnerabilities. I suppose they call it the "20 most critical..." just because they think it sounds better, but it's actually the 10 most commonly exploited vulnerabilities in Windows, and the 10 most common in *nix.

    Of course the article on the Register site doesn't really explain that.
    Specializing in SEO and PPC management.

  6. #6
    Join Date
    Aug 2002
    Exactly my point =]

  7. #7
    Join Date
    Mar 2002
    Arizona, USA
    I think the FBI is an unwanted security flaw.
    Feelings are not tools for rational thought.

  8. #8
    Join Date
    Oct 2001
    DNSLinux, thank you for sharing.

    Lamont, I believe that what you post is not entirely true. I don't know about you, but I believe those guys in FBI deserve better than what you said.

    Yes, they probably made mistakes (don't we all sometime?), but they also have worked so hard to make our neighborhood saver. Imagine their stress level and their dedication at the point of sacrificing their life just to protect you and others and me, while we're sitting comfortably in our couch watching tv or read a book or reading WHT. It was a bad bad mistake, but without them it will get worse. It's not them who's to blame, but those who did evil.

    As for me, I tend to appreciate more on what they have accomplished rather than looking on some of the things in the past. It is true that they should not forget those mistakes so they can be more careful next time, but when we're driving we don't look at the rear-view mirror all the time do we (unless we're driving backwards). We use the rear-view mirror just to be careful to make the decision ahead of us.

    I feel so sorry for them that people is quick to blame and to complain and forgetting their many good works and how hard they've worked for us and for the country. I don't think we will ever know the whole thing. But maybe when we work in FBI, we will know how tough it is.

    Anyway, let us get back on track

    Best Regards,
    Reyner N.
    Last edited by rey; 10-05-2002 at 08:46 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts