Lista słabych punktów według FBI i SANS

National Infrastructure Protection Center (NIPC – jedna z agencji FBI) wraz z SysAdmin, Audit, Networking and Security (SANS) Institute podali w środę coroczną listę (Top 20) słabych punktów systemów typu Windows oraz Unix.
Windows
Internet Information Services (IIS)

Microsoft Data Access Components (MDAC) – Remote Data Services

Microsoft SQL Server

NETBIOS – Unprotected Windows Networking Shares

Anonymous Logon – Null Sessions

LAN Manager Authentication – Weak LM Hashing

General Windows Authentication – Accounts with No Passwords or Weak Passwords

Internet Explorer

Remote Registry Access

Windows Scripting Host

Unix
Remote Procedure Calls (RPC)

Apache Web Server

Secure Shell (SSH)

Simple Network Management Protocol (SNMP)

File Transfer Protocol (FTP)

R-Services – Trust Relationships

Line Printer Daemon (LPD)

Sendmail

BIND/DNS

General Unix Authentication – Accounts with No Passwords or Weak Passwords
Więcej informacji na gcn.com oraz eweek.com