|
|
This section categorizes information according to operating system Common security issues are: - patches
- Any Internet-visible server must have the latest patches installed. As soon as a new exploit is discovered, tens of thousands of "script kiddies" will scan the Internet looking for servers they can break into. You have a short window to download and install the patch before they find your server.
- defaults
- Every operating system and service is insecure "out-of-box". You must lock everything down before exposing it.
- passwords
- Hackers will immediately attempt to "grind" passwords as soon as they see a new server appear.
- ports
- Always port scan a server before putting it on the network, it's the first thing a hacker will do.
- accounts
- Accounts are regularly compromised due to sniffed passwords, grinded passwords, cracked passwords, and spoofed "trusted" systems.
- Patches (13)
- Windows (52)
Windows 2000, WinNT, Win95, Win98, Win3.1, etc.
| - UNIX (51)
Linux, BSD (FreeBSD, OpenBSD, etc.), Solaris, HP-UX, AIX, etc.
|
|
