If It Ain't Broke See If It's Fixed

Tuesday, 17 December 2002, 3:38 AM EST

Many administrators are already overworked with other system administration tasks or keeping a system up and running. Also, administering in a large network environment with a small computer staff doesn't help the issue of keeping systems secure. Attackers know that and are actively exploiting it.

The availability of attack tools and people posting bugs in software only puts an urgency on keeping systems secure. In his book Secrets and Lies Bruce Schneier stated very simply that the Internet is "...a perfect medium for propagating successful attack tools. Only the first attacker has to be skilled; every one else can use his software."(Schneier) The availability of the Internet today is a blessing and a curse (though only a small portion is a curse). The blessing is that for each exploit of a well-known vulnerability there are a lot more resources on how to fix these problem. SANS has a Top-Twenty List of the most common security vulnerabilities and what to do to fix each one. In cooperation with some commercial and open source organizations there are tools to help identify these vulnerabilities and documentation on how to fix these problems or mitigate the risks. The SANS list will help the overworked admins to identify and fix those vulnerabilities. The SANS lists and recommendations won't prevent attackers from compromising your servers but help minimize the risk of the most common attacks and it will make you AWARE. Awareness is critical on the part of the admins and users.

[ Read more ]




Spotlight

Most popular Android apps open users to MITM attacks

Posted on 21 August 2014.  |  An analysis of the 1,000 most popular free Android apps from the Google Play store has revealed a depressing fact: most of them sport an SSL/TLS vulnerability that can be misused for executing MITM attacks, and occasionally additional ones, as well.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Aug 21st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //