If It Ain't Broke See If It's Fixed

Tuesday, 17 December 2002, 3:38 AM EST

Many administrators are already overworked with other system administration tasks or keeping a system up and running. Also, administering in a large network environment with a small computer staff doesn't help the issue of keeping systems secure. Attackers know that and are actively exploiting it.

The availability of attack tools and people posting bugs in software only puts an urgency on keeping systems secure. In his book Secrets and Lies Bruce Schneier stated very simply that the Internet is "...a perfect medium for propagating successful attack tools. Only the first attacker has to be skilled; every one else can use his software."(Schneier) The availability of the Internet today is a blessing and a curse (though only a small portion is a curse). The blessing is that for each exploit of a well-known vulnerability there are a lot more resources on how to fix these problem. SANS has a Top-Twenty List of the most common security vulnerabilities and what to do to fix each one. In cooperation with some commercial and open source organizations there are tools to help identify these vulnerabilities and documentation on how to fix these problems or mitigate the risks. The SANS list will help the overworked admins to identify and fix those vulnerabilities. The SANS lists and recommendations won't prevent attackers from compromising your servers but help minimize the risk of the most common attacks and it will make you AWARE. Awareness is critical on the part of the admins and users.

[ Read more ]


The evolution of backup and disaster recovery

Posted on 25 July 2014.  |  Amanda Strassle, IT Senior Director of Data Center Service Delivery at Seagate Technology, talks about enterprise backup issues, illustrates how the cloud shaping an IT department's approach to backup and disaster recovery, and more.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Mon, Jul 28th