SANS has posted a new version of its 20 most critical Internet security
. As always, this list is a good starting point
for those looking for potential security problems on their networks. Here
are some highlights from the current version:
- Five of the twenty items concern Windows and other Microsoft
- There are ten vulnerabilities in "cross-platform applications"
listed. Some of these (commercial DNS servers, for example) do not
apply to most Linux systems. But others do, including anti-virus
software (ClamAV in particular), PHP-based applications (several
vulnerabilities), database managers, file-sharing applications, media
players, and Mozilla-based browsers.
- There are only two Unix-specific vulnerabilities, and one of those is
a general item on Mac OS X. The other vulnerability is
"configuration weaknesses," with an emphasis on SSH attacks.
Once upon a time, this list was evenly divided between Windows and Unix
vulnerabilities. A casual reading of the current list suggests that things
have shifted in favor of Unix-based systems. While it may be true that
Unix-based systems are easier to keep secure on the net, there is still no
reason to be overly complacent. A system compromised by way of a Firefox
or PHP vulnerability is still compromised.
to post comments)