Fixing the FBI's 'Top 20' security flaws isn't enough

Monday, 7 October 2002, 12:36 AM EST

Like a good sun-block lotion, the SANS/FBI recommendations for keeping these 20 vulnerabilities covered vastly lowers (but doesn't eliminate) your chances of getting "burned." The 20 items represent the weaknesses most frequently exploited by Internet-based attackers and should be a mandatory second step for all enterprises in an Internet security program.

Appendix A of the list provides advice that should be the first step: Enterprises should block all unnecessary ports and services at the enterprise firewall and open only those required for business. Although Appendix A lists the most dangerous ports that should almost always be closed, Gartner believes that "deny all that is not expressly permitted" should be the mantra for Internet security.

[ Read more ]

Related items




Spotlight

The Software Assurance Marketplace: A response to a challenging problem

Posted on 20 October 2014.  |  The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has recognized how critical the state of software security is to the DHS mission.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Oct 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //