- 论坛徽章:
- 0
|
|
http://www.sans.org/top20\r\nThe Twenty Most Critical Internet Security Vulnerabilities (Updated) ~ The Experts’ Consensus\r\nVersion 3.1 October 7, 2002 Copyright © 2001-2002, The SANS Institute\r\n\r\nTop Vulnerabilities to Windows Systems\r\n\r\nW1 Internet Information Services (IIS) \r\nW2 Microsoft Data Access Components (MDAC) -- Remote Data Services \r\nW3 Microsoft SQL Server \r\nW4 NETBIOS -- Unprotected Windows Networking Shares \r\nW5 Anonymous Logon -- Null Sessions \r\nW6 LAN Manager Authentication -- Weak LM Hashing \r\nW7 General Windows Authentication -- Accounts with No Passwords or Weak Passwords \r\nW8 Internet Explorer \r\nW9 Remote Registry Access \r\nW10 Windows Scripting Host \r\n\r\nTop Vulnerabilities to Unix Systems\r\n\r\nU1 Remote Procedure Calls (RPC) \r\nU2 Apache Web Server \r\nU3 Secure Shell (SSH) \r\nU4 Simple Network Management Protocol (SNMP) \r\nU5 File Transfer Protocol (FTP) \r\nU6 R-Services -- Trust Relationships \r\nU7 Line Printer Daemon (LPD) \r\nU8 Sendmail \r\nU9 BIND/DNS \r\nU10 General Unix Authentication -- Accounts with No Passwords or Weak Passwords \r\n \r\nFree Scanning Tools: http://www.sans.org/top20/tools.pdf \r\n |
|
免费注册
发表于 2002-10-09 09:49
