Security
SANS Top 20 Vulnerability List
There's a new SANS (SysAdmin, Audit, Network, Security) Top 20 list of security vulnerabilities. This is a list of the top 20 vulnerabilities in Windows and UNIX.
Top Vulnerabilities to Windows Systems
- Internet Information Services (IIS)
- Microsoft SQL Server (MSSQL)
- Windows Authentication
- Internet Explorer (IE)
- Windows Remote Access Services
- Microsoft Data Access Components (MDAC)
- Windows Scripting Host (WSH)
- Microsoft Outlook Outlook Express
- Windows Peer to Peer File Sharing (P2P)
- Simple Network Management Protocol (SNMP)
Top Vulnerabilities to UNIX Systems
- BIND Domain Name System
- Remote Procedure Calls (RPC)
- Apache Web Server
- General UNIX Authentication Accounts with No Passwords or Weak Passwords
- Clear Text Services
- Sendmail
- Simple Network Management Protocol (SNMP)
- Secure Shell (SSH)
- Misconfiguration of Enterprise Services NIS/NFS
- Open Secure Sockets Layer (SSL)
It is also recommended that for good perimeter security that the following ports are secured to prevent access to the system or network.
| Name | Port | Protocol | Description |
| Small services | <20 | tcp/udp | small services |
| FTP | 21 | tcp | file transfer |
| SSH | 22 | tcp | login service |
| TELNET | 23 | tcp | login service |
| SMTP | 25 | tcp | |
| TIME | 37 | tcp/udp | time synchronization |
| WINS | 42 | tcp/udp | WINS replication |
| DNS | 53 | udp | naming services |
| DNS zone transfers | 53 | tcp | naming services |
| DHCP server | 67 | tcp/udp | host configuration |
| DHCP client | 68 | tcp/udp | host configuration |
| TFTP | 69 | udp | miscellaneous |
| GOPHER | 70 | tcp | old WWW-like service |
| FINGER | 79 | tcp | miscellaneous |
| HTTP | 80 | tcp | web |
| alternate HTTP port | 81 | tcp | web |
| alternate HTTP port | 88 | tcp | web (sometimes Kerberos) |
| LINUXCONF | 98 | tcp | host configuration |
| POP2 | 109 | tcp | |
| POP3 | 110 | tcp | |
| PORTMAP/RPCBIND | 111 | tcp/udp | RPC portmapper |
| NNTP | 119 | tcp | network news service |
| NTP | 123 | udp | time synchronization |
| NetBIOS | 135 | tcp/udp | DCE-RPC endpoint mapper |
| NetBIOS | 137 | udp | NetBIOS name service |
| NetBIOS | 138 | udp | NetBIOS datagram service |
| NetBIOS/SAMBA | 139 | tcp | file sharing & login service |
| IMAP | 143 | tcp | |
| SNMP | 161 | tcp/udp | miscellaneous |
| SNMP | 162 | tcp/udp | miscellaneous |
| XDMCP | 177 | udp | X display manager protocol |
| BGP | 179 | tcp | miscellaneous |
| FW1-secureremote | 256 | tcp | CheckPoint FireWall-1 mgmt |
| FW1-secureremote | 264 | tcp | CheckPoint FireWall-1 mgmt |
| LDAP | 389 | tcp/udp | naming services |
| HTTPS | 443 | tcp | web |
| Windows 2000 NetBIOS | 445 | tcp/udp | SMB over IP (Microsoft-DS) |
| ISAKMP | 500 | udp | IPSEC Internet Key Exchange |
| REXEC | 512 | tcp | } the three |
| RLOGIN | 513 | tcp | } Berkeley r-services |
| RSHELL | 514 | tcp | } (used for remote login) |
| RWHO | 513 | udp | miscellaneous |
| SYSLOG | 514 | udp | miscellaneous |
| LPD | 515 | tcp | remote printing |
| TALK | 517 | udp | miscellaneous |
| RIP | 520 | udp | routing protocol |
| UUCP | 540 | tcp/udp | file transfer |
| HTTP RPC-EPMAP | 593 | tcp | HTTP DCE-RPC endpoint mapper |
| IPP | 631 | tcp | remote printing |
| LDAP over SSL | 636 | tcp | LDAP over SSL |
| Sun Mgmt Console | 898 | tcp | remote administration |
| SAMBA-SWAT | 901 | tcp | remote administration |
| Windows RPC programs | 1025 | tcp/udp | } often allocated |
| Windows RPC programs | to | } by DCE-RPC portmapper | |
| Windows RPC programs | 1039 | tcp/udp | } on Windows hosts |
| SOCKS | 1080 | tcp | miscellaneous |
| LotusNotes | 1352 | tcp | database/groupware |
| MS-SQL-S | 1433 | tcp | database |
| MS-SQL-M | 1434 | udp | database |
| CITRIX | 1494 | tcp | remote graphical display |
| WINS replication | 1512 | tcp/udp | WINS replication |
| ORACLE | 1521 | tcp | database |
| NFS | 2049 | tcp/udp | NFS file sharing |
| COMPAQDIAG | 2301 | tcp | Compaq remote administration |
| COMPAQDIAG | 2381 | tcp | Compaq remote administration |
| CVS | 2401 | tcp | collaborative file sharing |
| SQUID | 3128 | tcp | web cache |
| Global catalog LDAP | 3268 | tcp | Global catalog LDAP |
| Global catalog LDAP SSL | 3269 | tcp | Global catalog LDAP SSL |
| MYSQL | 3306 | tcp | database |
| Microsoft Term. Svc. | 3389 | tcp | remote graphical display |
| LOCKD | 4045 | tcp/udp | NFS file sharing |
| Sun Mgmt Console | 5987 | tcp | remote administration |
| PCANYWHERE | 5631 | tcp | remote administration |
| PCANYWHERE | 5632 | tcp/udp | remote administration |
| VNC | 5800 | tcp | remote administration |
| VNC | 5900 | tcp | remote administration |
| X11 | 6000-6255 | tcp | X Windows server |
| FONT-SERVICE | 7100 | tcp | X Windows font service |
| alternate HTTP port | 8000 | tcp | web |
| alternate HTTP port | 8001 | tcp | web |
| alternate HTTP port | 8002 | tcp | web |
| alternate HTTP port | 8080 | tcp | web |
| alternate HTTP port | 8081 | tcp | web |
| alternate HTTP port | 8888 | tcp | web |
| Unix RPC programs | 32770 | tcp/udp | } often allocated |
| Unix RPC programs | to | } by RPC portmapper | |
| Unix RPC programs | 32899 | tcp/udp | } on Solaris hosts |
| COMPAQDIAG | 49400 | tcp | Compaq remote administration |
| COMPAQDIAG | 49401 | tcp | Compaq remote administration |
| PCANYWHERE | 65301 | tcp | remote administration |
IMPORTANT - Blocking these ports does not prevent them from being used by systems compromised by viruses, trojans and so on. Take care to secure systems from being compromised by using effective, up-to-date anti-virus scanners.
NOTE - Blocking some of these ports may disable services that are required. Bear this in mind before making changes.
If you just secured your system against these 20 things, you'll have a pretty safe system!
More information and downloads available from: http://www.sans.org/top20/
Adrian Kingsley-Hughes
Last updated: May 4th 2004
Print This Page |
Email me when this page changes
| Search This Site
Security
- Fake Security Apps
- IE7: Low Rights
- Spyware Popups
- Media View vs Real World
- A Real Site??
- SP2 Info Bar or not?
- Google AutoLink Raises Eyebrows
- Unchecked Buffers
- Secure Disk Destruction
- Disabling UPnP
- Useful Security Products
- Vulnerability List
- 3 Steps to Protect your PC
- Safe and Unsafe File Extensions
- Browser Encryption
- How secure is that password?
- Double Entry Passwords
- How are passwords stored on websites?
- Passwords and Internet Cafes
- WEP Strong Key Generator
- WPA Random Key Generator
- Make Me A Password
- Choosing Good Passwords
- More on Passwords
- Viewing Images in Email
- 419
- Spam Uncanned
- More Spam
- Latest Spam Tricks
- Bogus Bulletins
- Spam & Ham
- Outlook Read Receipts
- New Norton for Vista
- Virus Alerts
- Virus Types
- Virus Hoaxes
- Live update Problem
- More Live update Issues
- Norton 2005 problem
Out Now!
Get ready to Build your own custom PC!
>> ORDER TODAY!!
|
|