FBI flags top 20 security holes in Windows, Unix -- GCN

Cybersecurity

FBI flags top 20 security holes in Windows, Unix

By William Jackson
Oct 04, 2002

The FBI's National Infrastructure Protection Center and the SANS Institute of Bethesda, Md., last week updated their top IT vulnerabilities in Microsoft Windows and Unix systems.

The most common Windows targets are Internet Information Services, Data Access Components, SQL Server, unprotected Windows network sharing, anonymous log-on, weak hashing in LAN Manager authentication, weak passwords, Internet Explorer, remote registry access and Windows Scripting Host.

The top Unix targets are remote procedure calls, Apache Web Server, Secure Shell, Simple Network Management Protocol, File Transfer Protocol, trust relationships in remote services, line printer daemon, sendmail, Berkeley Internet Name Domain/Domain Name Service and weak passwords.

Fixes and defenses for these vulnerabilities appear at www.sans.org/top20.

About the Author

William Jackson is a senior writer of GCN and the author of the CyberEye blog.

E-Mail this page

Printable Format

Agencies' security efforts stall, report says03/15/2013
At age 10, Trusted Computing Group sees a new world of threats 02/27/2013
'Substantial' changes ahead for federal cybersecurity controls02/11/2013
Next steps for continuous network monitoring05/25/2010
NIST updates specs for the latest version of SCAP06/01/2010

inside gcn

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Name: (Optional) Email: (Optional) Location: (Optional)

Your Comment:

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck

TRENDING