 |
The time for managers to insist on updated network security is now and a good place to begin is http://66.129.1.101/top20.htm, where the Federal Bureau of Investigation and the SANS (System Administration, Networking, and Security) Institute have posted the top 20 Internet-connected system vulnerabilities.
A glance at just the seven that apply to all operating systems is proof that protection against attacks is not beyond the reach of any organization:
"Default installs of operating systems and applications" are a convenient and easy way to install software, but they usually load components that aren't used. Users often not only don't patch the components they don't use, they don't even know they exist.
"Accounts with No Passwords or Weak Passwords" are one problem, but some accounts aren't even password-protected. Hackers look for systems with default accounts.
"Non-existent or Incomplete Backups" happen even at organizations that do regular backups, because they never verify that the data can actually be restored."
"Large number of open ports" means more chances for an intruder to get into your system.
"Not filtering packets for correct incoming and outgoing addresses" enablesspoofing of IP addresses so hackers can remain 'anonymous'.
"Non-existent or incomplete logging" means you may never know how an attacker invaded your system or what they did when they were inside. In fact, restoring data could restore the attacker's access to your system as well.
"Vulnerable CGI Programs" mean that along with interactive Web pages, users anywhere on the Internet directly to the operating system of the computer running the web server. It is easy for hackers to find and penetrate vulnerable CGI programs.
The good news from the people who compiled the Top 20 list -- checking off the items on their list is simple, inexpensive and should deter most attacks. The bad news is that they believe worse attacks are on the way.
|
|
|
The good news? Simple, inexpensive solutions should deter most attacks. The bad news is that they believe worse attacks are on the way.
|
|
|
