Know your vulnerabilities

One of the most pressing needs for any security administrator is to understand which are the greatest threats facing his organization. Any tactician (and security people are nothing if not tacticians) must know what his enemy is likely to do. Understanding capabilities is important, of course, but this is in the field of what could happen. Understanding likelihoods, on the other hand, turns ordinary intelligence gathering on the adversary into probably courses of action, and suggests countermeasures that should be taken to thwart likely threats.

But how are you to find out what people are likely to do? Well, one of the best ways is to study what's been done in the past and deduce from that study which weaknesses that have been exploited before you're vulnerable to. These would be the most likely areas that you should bring up to speed first. Then you can concentrate on the less likely avenues of attack that hackers and crackers see in your enterprise setup.

A good source for such information is the

    Requires Free Membership to View

SANS (SysAdmin, Audit, Network, Security) Institute's list of the top 20 vulnerabilities. SANS, established in 1989, is an organization dedicated to allowing security professionals and others to learn from each other and share their understanding of security issues. SANs and the Federal Bureau of Investigation team up to come up with the annual SANS/FBI list of top 20 vulnerabilities.

This year's list, released in October of 2002, lists ten vulnerabilities each for Windows systems and for Unix systems (so you thought you were secure because you're running Unix). Topping the Windows list is IIS. Number two on the Unix list is Apache. But there are others, along with explanations of how hackers and crackers can exploit these vulnerabilities to your detriment.

Knowing your adversary can save you a lot of headaches. An ounce of prevention, after all, is worth a pound of cure.

About the author
David Gabel is the executive technology editor of TechTarget Inc.

This was first published in January 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.