Top Vulnerabilities to Windows Systems

Top10

Top Vulnerabilities to Windows Systems

# W1 Web Servers & Services
# W2 Workstation Service
# W3 Windows Remote Access Services
# W4 Microsoft SQL Server (MSSQL)
# W5 Windows Authentication
# W6 Web Browsers
# W7 File-Sharing Applications
# W8 LSAS Exposures
# W9 Mail Client
# W10 Instant Messaging

http://www.sans.org/top20/

;-)
 
Ron Bogart

Top10 said:
Top Vulnerabilities to Windows Systems

# W1 Web Servers & Services
# W2 Workstation Service
# W3 Windows Remote Access Services
# W4 Microsoft SQL Server (MSSQL)
# W5 Windows Authentication
# W6 Web Browsers
# W7 File-Sharing Applications
# W8 LSAS Exposures
# W9 Mail Client
# W10 Instant Messaging
# W11 Users

http://www.sans.org/top20/

;-)



--
Ron Bogart {} ô¿ô¬
Associate Expert
Expert Zone -
Lovin life on Mercer Island 8^)
"Life is what happens while we are making other plans."
In memory of a true friend, MVP Alex Nichol (1935-2005)
 
Leythos


If you read the list, the differences between the Linux and Windows
platforms are very small - file services, mail services, web services,
database services.....
 
NoStop

Leythos said:
If you read the list, the differences between the Linux and Windows
platforms are very small - file services, mail services, web services,
database services.....

The comparison doesn't mean that much when you think about it. Of course,
whenever a computer has opened services to the Net, it is going to be more
vulnerable. That's a given. BUT, before one invites the world into one's
computer by way of a particular server, like a web server or a database
server, the admin needs to make sure that server is running securely, has
all the latest security updates applied, etc. That is applicable to both
Windoze and Unix servers.

Where you see a significant departure in the 2 systems is that the Windoze
systems have vulnerabilities with client software! The list talks of Web
Browsers, Mail Client and Instant Messaging. You don't see any of these
client applications listed under Unix, do you? And that is the crux of the
problem in terms of security for the ordinary Windoze computer user and by
far, the largest part of the security problems. A Windoze user is
vulnerable just by connecting to the Net as a client. The Unix user is not.
The Unix user simply doesn't run servers open to the Net if the machine is
going to be a client machine. The Windoze user on the other hand can't
really be expected not to use email or web browsing, can he? Well I guess
he can, but that means never connecting to the Net. :)

--

ø¤º°`°ø,¸¸,ø¤º°`°ø,¸¸,ø¤º°`°ø,¸¸,ø¤º°`°øø¤º°`°ø,¸¸,ø¤º°`°ø
Windows is *NOT* a virus. Viruses are small and efficient.
Tired of the insecurity of your Wintendo box? Update to GNU/Linux
STOP the dummying down of America - Move to a REAL o/s.
 
Leythos

A Windoze user is
vulnerable just by connecting to the Net as a client. The Unix user is
not. The Unix user simply doesn't run servers open to the Net if the
machine is going to be a client machine.

I got news for you - there are a lot of Windows-level users starting to
run Linux systems on the net with the same level of understanding as they
had when installing Windows. In most cases the major distros have a
GUI-based installer that requires no understanding of Linux to get a working
system running/installed. In many cases the Linux boxes are unpatched, are
often running many server-type services, and the user runs as root just
like in Windows.

There are just as many technical users in both camps, but as the installer
for Linux distros makes it simpler to install and set up, the more those
systems will become compromised.
 
NoStop

Leythos said:
I got news for you - there are a lot of Windows-level users starting to
run Linux systems on the net with the same level of understanding as they
had when installing Windows. In most cases the major distros have a
GUI-based installer that requires no understanding of Linux to get a working
system running/installed. In many cases the Linux boxes are unpatched, are
often running many server-type services, and the user runs as root just
like in Windows.

I'm sure some newbies are running as root on some systems. Although in my
limited experience there are plenty of warning flags thrown up if a user
tries to open a GUI as root. In fact, some distros won't even allow that.
So I think you're exaggerating the problem somewhat. BTW, there's no such
thing as "root" in Windoze and I think you already knew that. :)

There are just as many technical users in both camps, but as the installer
for Linux distros makes it simpler to install and set up, the more those
systems will become compromised.

You might be correct. I don't have experience with a lot of Linux distros.
The few that I've used give the installer options as to what they want to
install. Whether it's going to be a workstation or a server or both, for
example. I'd suspect that even a novice computer user should be able to
ascertain whether they wanted to set up a web server or not and in my
limited experience, the user is fully prompted as to what that means. Also,
the latest distros pretty much have the various server vulnerabilities
already patched out of the box. I still maintain that the far larger threat
to the computer world is the vulnerability of clients rather than servers,
as witnessed by the unbelievable amount of malware being circulated via
email and web browsing.
