Results 1 to 8 of 8
  1. #1
    Join Date
    May 2002
    Posts
    235

    FBI names 20 most unwanted security flaws

    Many of you may already be aware of this, but thought I would post it anyway, as it makes good reading: According to the FBI, the following are the top vulnerabilities to Windows/ Unix.

    Top Vulnerabilities to Windows Systems

    1.Internet Information Services (IIS)
    2.Microsoft Data Access Components (MDAC) - Remote Data Services
    3.Microsoft SQL Server
    4.NETBIOS - unprotected Windows Networking Shares
    5.Anonymous Logon - Null Sessions
    6.LAN Manager Authentication - weak LM hashing
    7.General Windows Authentication - accounts with no passwords or weak passwords
    8.Internet Explorer
    9.Remote Registry Access
    10.Windows Scripting Host

    Top Vulnerabilities to Unix Systems

    1.Remote Procedure Calls (RPC)
    2.Apache Web Server
    3.Secure Shell (SSH)
    4.Simple Network Management Protocol (SNMP)
    5.File Transfer Protocol (FTP)
    6.R-Services - trust relationships
    7.Line Printer Daemon (LPD)
    8.Sendmail
    9.BIND/DNS
    10.General Unix Authentication - accounts with no passwords or weak passwords

    The source: http://www.theregister.co.uk/content/55/27407.html

  2. #2
    Join Date
    Aug 2002
    Location
    Australia
    Posts
    771
    It also happens that they are the most used.


    So.. I mean something that is never used is not going to become a top vulnerability is it?

    I think this just shows us what is popular and what is not

  3. #3
    Join Date
    Apr 2002
    Posts
    221
    7.General Windows Authentication - accounts with no passwords or weak passwords


    I don't think it matters what OS you run... a weak password makes it easy to get in lol

    James

  4. #4
    Join Date
    Sep 2002
    Location
    perl -le '$_=`man perlfaq1`;print/"(j.*)"/'
    Posts
    280
    Almost all of the U.S. Government agencies, including the FBI, run Microsoft. My cat could get her MCSE. The more useful something becomes, the more it is exploited. The FBI is a great example of this point.
    Richard Ward
    1 NET LANE, LLC.
    http://www.1NL.net
    The low cost data center.

  5. #5
    Join Date
    Aug 2000
    Location
    NYC
    Posts
    6,627
    Originally posted by faculty
    It also happens that they are the most used.
    Exactly; that's what the list is: the most commonly exploited vulnerabilities. I suppose they call it the "20 most critical..." just because they think it sounds better, but it's actually the 10 most commonly exploited vulnerabilities in Windows, and the 10 most common in *nix.

    Of course the article on the Register site doesn't really explain that.
    Specializing in SEO and PPC management.

  6. #6
    Join Date
    Aug 2002
    Location
    Australia
    Posts
    771
    Exactly my point =]

  7. #7
    Join Date
    Mar 2002
    Location
    Arizona, USA
    Posts
    544
    I think the FBI is an unwanted security flaw.
    Feelings are not tools for rational thought.

  8. #8
    Join Date
    Oct 2001
    Location
    USA
    Posts
    1,024
    DNSLinux, thank you for sharing.

    Lamont, I believe that what you post is not entirely true. I don't know about you, but I believe those guys in FBI deserve better than what you said.

    Yes, they probably made mistakes (don't we all sometime?), but they also have worked so hard to make our neighborhood saver. Imagine their stress level and their dedication at the point of sacrificing their life just to protect you and others and me, while we're sitting comfortably in our couch watching tv or read a book or reading WHT. It was a bad bad mistake, but without them it will get worse. It's not them who's to blame, but those who did evil.

    As for me, I tend to appreciate more on what they have accomplished rather than looking on some of the things in the past. It is true that they should not forget those mistakes so they can be more careful next time, but when we're driving we don't look at the rear-view mirror all the time do we (unless we're driving backwards). We use the rear-view mirror just to be careful to make the decision ahead of us.

    I feel so sorry for them that people is quick to blame and to complain and forgetting their many good works and how hard they've worked for us and for the country. I don't think we will ever know the whole thing. But maybe when we work in FBI, we will know how tough it is.

    Anyway, let us get back on track

    Best Regards,
    ___________
    Reyner N.
    Last edited by rey; 10-05-2002 at 08:46 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •