Fwd: Twenty Most Critical Internet Security Vulnerabilities

Archaic archaic at indy.rr.com
Wed Oct 1 15:22:16 PDT 2003


This is dated, but still relevant. Gives some good recommendations.
http://www.sans.org/top20.htm

The top 10 for UNIX/Linux are:

Remote Procedure Calls (RPC)
Apache Web Server
Secure Shell (SSH)
Simple Network Management Protocol (SNMP)
File Transfer Protocol (FTP)
R-Services -- Trust Relationships
Line Printer Daemon (LPD)
Sendmail
BIND/DNS
General Unix Authentication -- Accounts with No/Weak Passwords

-- 
Archaic

"One of the ordinary modes, by which tyrants accomplish their purposes
without resistance, is, by disarming the people, and making it an
offense to keep arms."

- Constitutional scholar and Supreme Court Justice Joseph Story, 1840




More information about the lfs-security mailing list