[infowar.de] The FBI List: 20 Top Computer Risks
Here in America we have the FBI Top 10 Most Wanted criminals, and now all of a sudden there is the FBI Top 20 Computer Risks....Why right now?
FBI Lists Top Computer Risks
Agency Notes Common Flaws Exploited by Internet Hackers
Tech Live staff
Oct. 2 — The FBI on Monday released a list of the top 20 computer security vulnerabilities most likely to leave the Internet vulnerable to attacks from hackers.
The items on the list include general vulnerabilities and known security holes in the Windows and UNIX operating systems that are most often exploited by malicious coders, according to the System Administration, Networking, and Security Institute (SANS), a non-profit organization that helped the FBI compile the list.
"The majority of successful attacks on computer systems via the Internet can be traced to exploitation of security flaws on this list," SANS said in a prepared statement.
"These few software vulnerabilities account for the majority of successful attacks, simply because attackers are opportunistic — taking the easiest and most convenient route," SANS said. "They exploit the best-known flaws with the most effective and widely available attack tools. They count on organizations not fixing the problems, and they often attack indiscriminately, scanning the Internet for any vulnerable systems."
According to the FBI and SANS, vigilance in patching these known security holes would have prevented such well-publicized Internet virus outbreaks as the Code Red worm and the recent attacks from the Nimda worm.
Common Security Lapses
Among the most common security errors listed are using an installation program to install system software without removing unnecessary services or installing all security patches. Often users will forget to patch applications they don't use, inadvertently creating a convenient security hole for hackers to infiltrate, SANS said.
Weak passwords were also cited as a common security problem among corporations.
"Easy to guess passwords and default passwords are a big problem, but an even bigger one is accounts with no passwords at all," SANS said. "In practice, all accounts with weak passwords, default passwords, and no passwords should be removed from your system."
Leaving too many ports open for users to connect to your system can often also prove a fatal mistake, SANS said. The group recommends keeping the least number of ports open on a system necessary for it to function properly.
The FBI/SANS list also specifically addressed vulnerabilities in Microsoft's Internet Information Services server software. A glitch in the IIS software allows hackers to send a server a carefully constructed URL that will in effect allow them to take over the machine.
The Center for Internet Security (CIS) has developed guidelines for setting up and tools for testing secure configurations of Solaris and Windows 2000 available at cisecurity.org.
Top 20 Computer Vulnerabilities
General vulnerabilities
-Default installs of operating systems and applications
-Accounts with no passwords or weak passwords
-Non-existent or incomplete backups
-Large number of open ports
-Not filtering packets for correct incoming and outgoing addresses
-Non-existent or incomplete logging
-Vulnerable CGI programs
-Unicode vulnerability (Web Server Folder Traversal)
-ISAPI extension buffer overflows
-IIS RDS exploit (Microsoft Remote Data Services)
-NETBIOS — unprotected Windows networking shares
-Information leakage via null session connections
-Weak hashing in SAM (LM hash)
Unix-based vulnerabilities
-Buffer overflows in RPC services
-Sendmail vulnerabilities
-Bind weaknesses
-R Commands
-LPD (remote print protocol daemon)
-sadmind and mountd
-Default SNMP strings
For tips on how to plug these security holes, visit the SANS website.
Simple Security Measures
The FBI's National Infrastructure Protection Center, the agency's cyberwatchdog, has released a list of seven simple measures computer users can take to step up security on their machines:
Use strong passwords. Choose passwords that are difficult or impossible to guess. Give different passwords to all accounts.
Make regular backups of critical data. Backups must be made at least once each day. Larger organizations should perform a full backup weekly and incremental backups every day. At least once a month, the backup media should be verified.
Use virus protection software. That means three things: having it on your computer in the first place, checking daily for new virus signature updates, and then actually scanning all the files on your computer periodically.
Use a firewall as a gatekeeper between your computer and the Internet. Firewalls are usually software products. They are essential for those who keep their computers online through the popular DSL and cable modem connections but they are also valuable for those who still dial in.
Do not keep computers online when not in use. Either shut them off or physically disconnect them from the Internet connection.
Do not open email attachments from strangers, regardless of how enticing the Subject Line or attachment may be. Be suspicious of any unexpected email attachment from someone you do know because it may have been sent without that person's knowledge from an infected machine.
Regularly download security patches from your software vendors.
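
The check for accounts with no password that SANS calls out above, as an added example that is not part of the original post or article: it reads shadow(5)-format records and reports the accounts whose password field is empty. The sample records are constructed, and flagging hashes without a `$id$` prefix as legacy is an extension beyond what the article states.

```python
# Added example: audit shadow(5)-format records for accounts with no password.
# SAMPLE_SHADOW is constructed data, not taken from any real system.
SAMPLE_SHADOW = """\
root:$6$constructedsalt$constructedhashvalue:19000:0:99999:7:::
daemon:*:18000:0:99999:7:::
guest::18000:0:99999:7:::
backup:!:18000:0:99999:7:::
alice:$6$constructedsalt$anotherconstructedhash:19500:0:90:7:::
oldapp:!!:17000::::::
legacy:abJnggxhB/yWI:12000:0:99999:7:::
# comment line
broken-line-without-fields
"""

def classify(pw_field):
    """Return the state of one shadow password field."""
    if pw_field == "":
        return "NO_PASSWORD"      # login succeeds without any password
    if pw_field[0] in "!*":
        return "LOCKED"           # password login is disabled
    if not pw_field.startswith("$"):
        return "LEGACY_HASH"      # no $id$ prefix: traditional crypt format
    return "HASHED"

def audit_shadow(text):
    """Map each account name to its state; also return malformed line numbers."""
    findings, malformed = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2 or not fields[0]:
            malformed.append(lineno)   # report rather than silently skip
            continue
        findings[fields[0]] = classify(fields[1])
    return findings, malformed

def accounts_to_fix(text):
    """Accounts that need a password set, a stronger hash, or removal."""
    findings, _ = audit_shadow(text)
    return sorted(u for u, s in findings.items()
                  if s in ("NO_PASSWORD", "LEGACY_HASH"))

if __name__ == "__main__":
    states, bad_lines = audit_shadow(SAMPLE_SHADOW)
    for user, state in states.items():
        print(f"{user:8} {state}")
    print("malformed lines:", bad_lines)
```

On a real system the input would be the contents of `/etc/shadow`, read with root privileges.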