Vacca | Practical Internet Security | E-Book | www2.sack.de
E-book, English, 536 pages

Vacca Practical Internet Security


1st edition, 2007
ISBN: 978-0-387-29844-3
Publisher: Springer US
Format: PDF
Copy protection: 1 - PDF Watermark




As organizations today are linking their systems across enterprise-wide networks and VPNs as well as increasing their exposure to customers, competitors, browsers and hackers on the Internet, it becomes increasingly imperative for Web professionals to be trained in techniques for effectively protecting their sites from internal and external threats. Each connection magnifies the vulnerability to attack. With the increased connectivity to the Internet and the wide availability of automated cracking tools, organizations can no longer simply rely on operating system security to protect their valuable corporate data. Furthermore, the exploding use of Web technologies for corporate intranets and Internet sites has escalated security risks to corporate data and information systems. Practical Internet Security reveals how the Internet is paving the way for secure communications within organizations and on the public Internet. This book provides the fundamental knowledge needed to analyze risks to a system and to implement a security policy that protects information assets from potential intrusion, damage, or theft. It provides dozens of real-life scenarios and examples, as well as hands-on instruction in securing Web communications and sites. You will learn the common vulnerabilities of Web sites, as well as how to carry out secure communications across unsecured networks. All system administrators and IT security managers will find this book an essential practical resource.



Further information & material


1;Dedication;6
2;Contents;7
3;Acknowledgements;11
4;Foreword;13
5;Preface;15
5.1;INTRODUCTION;15
5.2;PURPOSE;15
5.3;SCOPE;15
5.4;TARGET AUDIENCE;16
5.5;ORGANIZATION OF THIS BOOK;17
5.6;CONVENTIONS;21
6;Part I INTRODUCTION TO INTERNET SECURITY;22
6.1;INTERNET TECHNOLOGIES;24
6.1.1;INTRODUCTION;24
6.1.2;THE WEB CLIENT/SERVER ARCHITECTURE;24
6.1.3;WHAT DOES THE WEB SERVER DO?;34
6.1.4;DYNAMIC CONTENT TECHNOLOGIES;41
6.1.5;SUMMARY AND CONCLUSIONS;46
6.1.6;REFERENCES;46
6.2;BASIC SECURITY ISSUES;48
6.2.1;INTRODUCTION;48
6.2.2;INTERNET AND NETWORK SECURITY ISSUES: BASIC SECURITY CONCEPTS;49
6.2.3;SUMMARY AND CONCLUSIONS;57
6.2.4;REFERENCES;57
7;Part II ESTABLISHING YOUR ORGANIZATION’S SECURITY;58
7.1;REAL THREATS THAT IMPACT SECURITY;60
7.1.1;INTRODUCTION;60
7.1.2;COMMON HACKER EXPLOITS;60
7.1.3;VULNERABILITY DETECTION;61
7.1.4;WHAT YOUR ISP ISN’T TELLING YOU;62
7.1.5;SOFTWARE PATCHING;62
7.1.6;ARE YOU AT RISK FROM INTERNET SECURITY THREATS?;63
7.1.7;SUMMARY AND CONCLUSIONS;64
7.1.8;REFERENCES;67
7.2;A SECURITY POLICY: THE FOUNDATION OF YOUR PROTECTION;68
7.2.1;INTRODUCTION;68
7.2.2;MAJOR TYPES OF POLICY;69
7.2.3;WHAT TO INCLUDE;72
7.2.4;OBTAINING APPROVAL;74
7.2.5;GETTING POLICY IMPLEMENTED;75
7.2.6;SAMPLE HIGH LEVEL POLICY STATEMENTS;76
7.2.7;SUMMARY AND CONCLUSIONS;76
7.2.8;REFERENCES;76
8;Part III DEVELOPING YOUR SECURITY POLICY;78
8.1;STEPS TO TAKE NOW;80
8.1.1;INTRODUCTION;80
8.1.2;THREATS/VISIBILITY;81
8.1.3;SENSITIVITIES/CONSEQUENCES;82
8.1.4;INFORMATION ASSET INVENTORY;83
8.1.5;GENERAL SUPPORT SYSTEMS;83
8.1.6;CRITICAL/MAJOR APPLICATIONS;84
8.1.7;ENTERPRISE REQUIREMENTS;85
8.1.8;SUMMARY AND CONCLUSIONS;96
8.1.9;REFERENCES;97
8.2;RESPONDING TO ATTACKS;98
8.2.1;INTRODUCTION;98
8.2.2;SAMPLE POLICY AREAS;98
8.2.3;INTERNET FIREWALL POLICY;129
8.2.4;WORLD WIDE WEB (WWW);146
8.2.5;ELECTRONIC MAIL;152
8.2.6;SUMMARY AND CONCLUSIONS;162
8.2.7;REFERENCES;163
9;Part IV SECURING THE WEB CLIENT;164
9.1;THREATS AND VULNERABILITIES;166
9.1.1;INTRODUCTION;166
9.1.2;TOP THREATS AND VULNERABILITIES IN WINDOWS SYSTEMS;167
9.1.3;TOP THREATS AND VULNERABILITIES IN CROSS-PLATFORM APPLICATIONS;175
9.1.4;TOP THREATS AND VULNERABILITIES IN UNIX SYSTEMS;189
9.1.5;TOP THREATS AND VULNERABILITIES IN NETWORKING PRODUCTS;191
9.1.6;SUMMARY AND CONCLUSIONS;195
9.1.7;REFERENCES;196
9.2;PROTECTING YOUR WEB BROWSER;198
9.2.1;INTRODUCTION;198
9.2.2;BROWSER WEAKNESSES;199
9.2.3;UNIVERSAL STATUS BAR SPOOFING?;200
9.2.4;KEEP YOUR SYSTEM UPDATED;200
9.2.5;CONFIGURE SECURITY IN YOUR WEB BROWSER;200
9.2.6;KEEP YOUR BROWSER IN CHECK;201
9.2.7;PRINCIPAL OF LEAST PRIVILEGE;201
9.2.8;ANTI-SPYWARE;201
9.2.9;ANTI-VIRUS;202
9.2.10;THINK BEFORE YOU CLICK!;202
9.2.11;SUMMARY AND CONCLUSIONS;202
9.2.12;REFERENCES;203
10;Part V NETWORK INTERCONNECTIONS: A MAJOR POINT OF VULNERABILITY;204
10.1;BASIC OPERATING SYSTEM AND TCP/IP CONCEPTS;206
10.1.1;INTRODUCTION;206
10.1.2;TCP/IP OVERVIEW;206
10.1.3;TCP/IP RESET ATTACKS;209
10.1.4;SUMMARY AND CONCLUSIONS;212
10.1.5;REFERENCES;213
10.2;EARLY SYSTEM SECURITY IMPROVEMENTS;214
10.2.1;INTRODUCTION;214
10.2.2;DES;216
10.2.3;SHADOW PASSWORDS;216
10.2.4;DIALBACK/DIALER PASSWORDS;217
10.2.5;SUMMARY AND CONCLUSIONS;222
10.2.6;REFERENCES;222
11;Part VI DETERRING MASQUERADERS AND ENSURING AUTHENTICITY;224
11.1;IMPERSONATING USERS;226
11.1.1;INTRODUCTION;226
11.1.2;WHAT’S AT RISK?;226
11.1.3;IDENTITY AND ACCESS MANAGEMENT;227
11.1.4;IT’S NOT WHAT YOU KNOW THAT COUNTS;227
11.1.5;ELIMINATE VULNERABLE, PASSWORD-BASED SYSTEMS;228
11.1.6;YOUR IDENTITY IS THE KEY;229
11.1.7;WHAT’S THE COST?;230
11.1.8;SUMMARY AND CONCLUSIONS;230
11.1.9;REFERENCES;230
11.2;HOW MASQUERADERS INFILTRATE A SYSTEM;232
11.2.1;INTRODUCTION;232
11.2.2;PREPARING FOR THE NEW WORLD ORDER;233
11.2.3;CHINESE CHECKERS;237
11.2.4;INTERCEPTION;238
11.2.5;SUMMARY AND CONCLUSIONS;245
11.2.6;REFERENCES;245
11.3;HOLDING YOUR DEFENSIVE LINE;246
11.3.1;INTRODUCTION;246
11.3.2;TROUBLE ARRIVES ON PORTS 80 AND 443;247
11.3.3;INCREASINGLY SOPHISTICATED CRIMINALS/ MASQUERADERS TARGET THE INTERNET;247
11.3.4;BLENDED THREATS RAISE THE BAR;248
11.3.5;WEB PROXIES ACCELERATE CONTENT DELIVERY, WEB FILTERS ADD SECURITY;248
11.3.6;DEFENSE-IN-DEPTH SOLUTIONS TO WEB-BORNE THREATS;249
11.3.7;ISA IN A SINGLE AUTO-UPDATING APPLIANCE;250
11.3.8;SUMMARY AND CONCLUSIONS;252
11.3.9;REFERENCES;252
12;Part VII PREVENTING EAVESDROPPING TO PROTECT YOUR PRIVACY;254
12.1;UNAUTHORIZED LISTENING AND LOOKING;256
12.1.1;INTRODUCTION;256
12.1.2;HOW DOES INSTANT MESSAGING WORK?;256
12.1.3;INSTANT MESSAGING SECURITY THREATS;257
12.1.4;BLOCKING INSTANT MESSAGING;260
12.1.5;SUMMARY AND CONCLUSIONS;261
12.1.6;REFERENCES;262
12.2;COUNTERING OR NOT COUNTERING THE EAVESDROPPER: THAT’S THE QUESTION?;264
12.2.1;INTRODUCTION;264
12.2.2;CALEA’S HISTORY;265
12.2.3;U.S. WIRETAP LAWS;266
12.2.4;FOREIGN INTELLIGENCE SURVEILLANCE ACT;269
12.2.5;COMMUNICATIONS IN AN AGE OF TERROR;269
12.2.6;ENTER NEW TECHNOLOGY: THE INTERNET;271
12.2.7;SUMMARY AND CONCLUSIONS;274
12.2.8;REFERENCES;275
13;Part VIII THWARTING COUNTERFEITERS AND FORGERY TO RETAIN INTEGRITY;277
13.1;THE FORGER’S ARSENAL;278
13.1.1;INTRODUCTION;278
13.1.2;INGRESS FILTERING;278
13.1.3;DISCERNING TRUE PACKET SOURCES;279
13.1.4;NEED FOR TWO PATHS;281
13.1.5;USE OF EXPLICIT IP ADDRESSES;281
13.1.6;HOW EXPENSIVE IS PEIP?;282
13.1.7;PROBLEMS CAUSED BY PEIP;283
13.1.8;VULNERABILITIES OF PEIP;284
13.1.9;SUMMARY AND CONCLUSIONS;288
13.1.10;REFERENCES;288
13.2;SHIELDING YOUR ASSETS;290
13.2.1;INTRODUCTION;290
13.2.2;THE BUSINESS ISSUES;290
13.2.3;CONVENTIONAL SECURITY SOLUTIONS;291
13.2.4;MINIMAL RESOURCES = MINIMUM SECURITY;293
13.2.5;THE NEXT GENERATION OF PERIMETER SECURITY;294
13.2.6;SUMMARY AND CONCLUSIONS;295
13.2.7;REFERENCES;295
14;Part IX AVOIDING DISRUPTION OF SERVICE TO MAINTAIN AVAILABILITY;297
14.1;DENIAL-OF-SERVICE ATTACKS;298
14.1.1;INTRODUCTION;298
14.1.2;OPERATING SYSTEM ATTACKS;299
14.1.3;NETWORKING ATTACKS;299
14.1.4;SUMMARY AND CONCLUSIONS;300
14.1.5;REFERENCES;300
14.2;CONSTRUCTING YOUR BASTIONS;302
14.2.1;INTRODUCTION;302
14.2.2;HOST PROBING;302
14.2.3;PORT SCANNING;303
14.2.4;OS FINGERPRINTING;303
14.2.5;COUNTERMEASURES;304
14.2.6;THE BOTTOM LINE;305
14.2.7;SUMMARY AND CONCLUSIONS;305
14.2.8;REFERENCES;305
14.3;THE IMPORTANCE OF FIREWALLS;306
14.3.1;INTRODUCTION;306
14.3.2;WHAT IT DOES;307
14.3.3;MAKING THE FIREWALL FIT;307
14.3.4;WHAT IT PROTECTS YOU FROM;309
14.3.5;PROXY SERVERS AND DMZ;312
14.3.6;SUMMARY AND CONCLUSIONS;313
14.3.7;REFERENCES;313
15;Part X CONFIGURING OPERATING SYSTEM AND NETWORK SECURITY;315
15.1;OPERATING SYSTEMS THAT POSE SECURITY RISKS;316
15.1.1;INTRODUCTION;316
15.1.2;THE PROBLEM IN PRINCIPLE;316
15.1.3;MICROSOFT;320
15.1.4;IMPACT ON PUBLIC PROTECTION;324
15.1.5;SUMMARY AND CONCLUSIONS;327
15.1.6;REFERENCES;328
15.2;NETWORK SECURITY;330
15.2.1;INTRODUCTION;330
15.2.2;CURRENT SECURITY RISKS;330
15.2.3;ASSESSING THE RISKS;332
15.2.4;SECURITY SOLUTIONS;333
15.2.5;ISSUES WITH LEGACY NETWORK SECURITY ARCHITECTURES;334
15.2.6;NEXT GENERATION SOLUTIONS: THE INTEGRATED NETWORK SECURITY PLATFORM;335
15.2.7;SUMMARY AND CONCLUSIONS;336
15.2.8;REFERENCES;337
16;Part XI ENHANCING WEB SERVER SECURITY;339
16.1;CONTROLLING ACCESS;340
16.1.1;INTRODUCTION;340
16.1.2;WHY ACCESS CONTROL?;341
16.1.3;ACCESS CONTROL SECURITY SOLUTION OVERVIEW;342
16.1.4;INTELLIGENT SECURITY NETWORK;343
16.1.5;ACCESS CONTROL SECURITY SOLUTION DEPLOYMENT SCENARIO;343
16.1.6;SUMMARY AND CONCLUSIONS;344
16.1.7;REFERENCES;345
16.2;EXTENDED WEB SITE SECURITY FUNCTIONALITY;346
16.2.1;INTRODUCTION;346
16.2.2;SECURE UI PRINCIPLE I: SECURITY SHOULD BE DEFAULT, AND DEFAULTS SHOULD BE SECURE;347
16.2.3;SECURE UI PRINCIPLE II: SECURITY MUST BE USABLE TO BE USED;347
16.2.4;SECURE UI PRINCIPLE III: ALERTS SHOULD WAKE-UP;347
16.2.5;SECURE UI PRINCIPLE IV: CRYPTOGRAPHY IS IN GREEK;348
16.2.6;RELATED REAL-LIFE WEB SITE-SPOOFING ATTACKS;348
16.2.7;SUMMARY AND CONCLUSIONS;349
16.2.8;REFERENCES;350
16.3;SECURING WEB COMMUNICATIONS WITH SSL VPNS;352
16.3.1;INTRODUCTION;352
16.3.2;THE BUSINESS OF SECURE REMOTE ACCESS;353
16.3.3;REMOTE ACCESS REQUIRES COMPREHENSIVE SECURITY;353
16.3.4;ENDPOINT SECURITY CONSIDERATIONS;354
16.3.5;THE COLLABORATIVE PROCESS OF VPN SECURITY;355
16.3.6;SECURING THE GATEWAY;355
16.3.7;SUMMARY AND CONCLUSIONS;356
16.3.8;REFERENCES;356
17;Part XII ISSUING AND MANAGING CERTIFICATES;358
17.1;WHY DIGITAL CERTIFICATES ARE USED;360
17.1.1;INTRODUCTION;360
17.1.2;UNDERSTANDING FIRST GENERATION DIGITAL CERTIFICATES;360
17.1.3;SECOND GENERATION AUTOMATED VETTING: CHEAPER, FASTER AND THE KEY TO IDENTITY VERIFICATION IMPROVEMENTS FOR THE NEXT DECADE;366
17.1.4;SUMMARY AND CONCLUSIONS;368
17.1.5;REFERENCES;369
17.2;CERTIFICATE AUTHORITIES;370
17.2.1;INTRODUCTION;370
17.2.2;HOW SECURE IS THE CA?;372
17.2.3;SOME TERMINOLOGY;374
17.2.4;WHY DO PKI IN A ROUTER?;374
17.2.5;SUMMARY AND CONCLUSIONS;375
17.2.6;REFERENCES;375
17.3;TRUSTING SSL CAS IN SERVERS AND BROWSERS;376
17.3.1;INTRODUCTION;376
17.3.2;SSL DEFINED;376
17.3.3;HOW SSL SERVER CERTIFICATES WORK;377
17.3.4;SECURING MULTIPLE SERVERS AND DOMAINS WITH SSL;380
17.3.5;SUMMARY AND CONCLUSIONS;381
17.3.6;REFERENCES;382
18;Part XIII FIREWALLS AND FIREWALL TOPOLOGIES;384
18.1;PROTECTING SERVERS AND CLIENTS WITH FIREWALLS;386
18.1.1;INTRODUCTION;386
18.1.2;TYPES OF FIREWALLS;387
18.1.3;UNDERSTANDING FIREWALL TYPES;390
18.1.4;FIREWALL TYPES DRAWBACKS;391
18.1.5;SUMMARY AND CONCLUSIONS;391
18.1.6;REFERENCES;392
18.2;CHOOSING THE RIGHT FIREWALL;394
18.2.1;INTRODUCTION;394
18.2.2;CONVERGENCE;395
18.2.3;ABOUT PACKET INSPECTION;401
18.2.4;SUMMARY AND CONCLUSIONS;418
18.2.5;REFERENCES;418
18.3;FIREWALL TOPOLOGIES;420
18.3.1;INTRODUCTION;420
18.3.2;VPN – VIRTUAL PRIVATE NETWORK;420
18.3.3;FIREWALL POLICIES;423
18.3.4;SETTING UP A DEMILITARIZED ZONE (DMZ) – A VPN ALTERNATIVE?;424
18.3.5;SUMMARY AND CONCLUSIONS;430
18.3.6;REFERENCES;431
18.4;SELECTING FIREWALL SECURITY TOPOLOGY POLICY;432
18.4.1;INTRODUCTION;432
18.4.2;FIREWALL PROTECTION;433
18.4.3;FIREWALL ARCHITECTURES;433
18.4.4;TYPES OF FIREWALLS;434
18.4.5;ISSUES;437
18.4.6;INTRANET;438
18.4.7;NETWORK TRUST RELATIONSHIPS;439
18.4.8;VIRTUAL PRIVATE NETWORKS (VPN);440
18.4.9;FIREWALL ADMINISTRATION;440
18.4.10;SUMMARY AND CONCLUSIONS;450
18.4.11;REFERENCES;451
19;Part XIV SECURITY MANAGEMENT SOLUTIONS AND FUTURE DIRECTIONS;453
19.1;IDENTIFYING AND RESPONDING TO SECURITY VIOLATIONS;454
19.1.1;INTRODUCTION;454
19.1.2;THE PROFILER;455
19.1.3;HOW IST SHOULD WORK;456
19.1.4;HOW IST CAN HELP;456
19.1.5;IST REMOVING THE UNKNOWN: STAYING CURRENT ON HOSTS, SERVERS AND APPLICATIONS ON THE NETWORK;457
19.1.6;QUICKLY RESOLVE SECURITY INCIDENTS THROUGH DETAILED INVESTIGATIONS;457
19.1.7;QUICKLY RECOGNIZE THE SOURCE OF WORMS FOR CONTAINMENT;457
19.1.8;SUMMARY AND CONCLUSIONS;458
19.1.9;REFERENCES;459
19.2;REAL-TIME MONITORING AND AUDITING;460
19.2.1;INTRODUCTION;460
19.2.2;THE IDEAL MONITORING SOLUTION;461
19.2.3;WATCHING THE DATABASE ADMINISTRATOR;461
19.2.4;WATCHING TEMPORARY ACCOUNTS;462
19.2.5;AUDITING ACCESS TO SENSITIVE DATA;462
19.2.6;THE FLEXIBILITY TO FILTER RESULTS;463
19.2.7;ATTEMPTS TO CIRCUMVENT AN APPLICATION;463
19.2.8;SUMMARY AND CONCLUSIONS;463
19.2.9;REFERENCES;464
19.3;LIMITING DAMAGE;466
19.3.1;INTRODUCTION;466
19.3.2;APPLICATION FIREWALLS;467
19.3.3;APPLICATION FIREWALLS WITH CENTRALIZED MANAGEMENT CONSOLE;467
19.3.4;TRAFFIC MONITORING INTRUSION DETECTION SYSTEMS;467
19.3.5;THE PROBLEM WILL NOT GO AWAY;468
19.3.6;SUMMARY AND CONCLUSIONS;468
19.3.7;REFERENCES;469
19.4;KEEPING UP TO DATE ON NEW THREATS;470
19.4.1;INTRODUCTION;470
19.4.2;SECURE CONTENT MANAGEMENT GROWS IN IMPORTANCE;470
19.4.3;THE IMPERATIVE FOR SECURITY ECOSYSTEMS;471
19.4.4;WEB FILTERING EXPANDS ITS ROLE;472
19.4.5;SUMMARY AND CONCLUSIONS;472
19.4.6;REFERENCES;472
19.5;EMERGING TECHNOLOGIES;474
19.5.1;INTRODUCTION;474
19.5.2;THE DEVIL YOU KNOW;474
19.5.3;SUMMARY AND CONCLUSIONS;476
19.5.4;REFERENCES;476
19.6;SUMMARY, CONCLUSIONS AND RECOMMENDATIONS;478
19.6.1;INTRODUCTION;478
19.6.2;SUMMARY;478
19.6.3;CONCLUSIONS;482
19.6.4;RECOMMENDATIONS;488
19.6.5;REFERENCES;489
20;Part XV APPENDICES;491
20.1;CONFIGURING INTERNET AUTHENTICATION SERVICE ON MICROSOFT WINDOWS 2003 SERVER WINDOWS 2003 / ENHANCED;492
20.1.1;INTRODUCTION;492
20.1.2;CONFIGURING THE WINDOWS 2003 SERVER FOR IAS TO SUPPORT RADIUS CLIENTS;492
20.1.3;CONFIGURING THE WINDOWS 2003 SERVER FOR RADIUS USER MANAGEMENT;493
20.1.4;CONFIGURING THE SONICWALL SECURITY APPLIANCE TO SUPPORT THE AUTHENTICATION METHOD;494
20.1.5;REFERENCES;494
20.2;INTERNET SECURITY MANAGEMENT, RESILIENCY AND SECURITY;496
20.2.1;INTRODUCTION;496
20.2.2;THE ORGANIZATION AS BENEFACTOR;497
20.2.3;THE SCOPE OF SECURITY MANAGEMENT;497
20.2.4;COMPLEXITY IS PERVASIVE;498
20.2.5;SECURITY AS AN INVESTMENT;498
20.2.6;TECHNOLOGICAL BIASES;499
20.2.7;SECURITY IS A BUSINESS PROBLEM;500
20.2.8;REGULATORY BIASES;500
20.2.9;SECURITY AS A CORE COMPETENCY;501
20.2.10;CONCLUSIONS;501
20.2.11;REFERENCES;502
20.3;LIST OF TOP INTERNET SECURITY IMPLEMENTATION AND DEPLOYMENT COMPANIES;504
20.4;LIST OF INTERNET SECURITY PRODUCTS;526
20.5;LIST OF INTERNET SECURITY STANDARDS;532
20.6;LIST OF MISCELLANEOUS INTERNET SECURITY RESOURCES;536
20.7;GLOSSARY;538


Chapter 7 THREATS AND VULNERABILITIES (p. 145)

INTRODUCTION
Six years ago, the SANS Institute [1] and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities, with regards to securing the Web client. Thousands of enterprises used that list, and the expanded Top-20 lists that followed one, two, and three years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services and the threats that they posed, led to worms like Blaster, Slammer, Code Red and many others, that have been on these lists [1].

This chapter presents an overview of these vulnerabilities and threats, and is a marked deviation from the previous Top-20 lists. In addition to Windows and UNIX categories, SANS and NIPC have also included cross-platform applications and networking products. The change reflects the dynamic nature of the evolving threat landscape and the vulnerabilities that attackers target. Unlike the previous Top-20 lists, this list is not cumulative in nature. SANS and NIPC have only listed critical vulnerabilities and threats from 2005 and 2006. If you have not patched your systems for a length of time, it is highly recommended that you first patch the vulnerabilities listed in the Top-20 2005 list [1].

SANS and NIPC have made a best effort to make this list meaningful for most enterprises. Hence, the Top-20 is a consensus list of vulnerabilities and threats that require immediate remediation. It is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore, the leading security software vendors and consulting firms, the top university-based security programs, many other user enterprises, and the SANS Institute [1].

The SANS Top-20 is a living list. It includes step-by-step instructions and pointers to additional information useful for correcting the security flaws. SANS and NIPC will update the list and the instructions as more critical vulnerabilities and more current or convenient methods of protection are identified, and they welcome your input along the way. This is a community consensus list – your experience in fighting attackers and in eliminating the vulnerabilities and threats, can help others who come after you [1].

TOP THREATS AND VULNERABILITIES IN WINDOWS SYSTEMS

The family of Windows Operating systems supports a wide variety of services, networking methods and technologies. Many of these components are implemented as Service Control Programs (SCP) under the control of Service Control Manager (SCM), which runs as Services.exe. Vulnerabilities in these services that implement these Operating System functionalities are one of the most common avenues for exploitation [1].

Windows Services

Remotely exploitable buffer overflow vulnerabilities continue to be the number one issue that affects Windows services. Several of the core system services provide remote interfaces to client components through Remote Procedure Calls (RPC). They are mostly exposed through named pipe endpoints accessible through the Common Internet File System (CIFS) protocol, well known TCP/UDP ports and in certain cases ephemeral TCP/UDP ports.


