SANS Top 20 Vulnerabilities – The Experts Consensus
The SANS group has collected this excellent list of vulnerabilities, and it’s definitely something that should be perused. I always find this list amusing, mostly because of the scope of the vulnerabilities. The Windows top 10 are always the most ubiquitous tools, the ones no one can live without, like the web browser and email, not to mention the web services. In comparison, while the vulnerabilities on the UNIX side are important, most of them are quite a bit more limited. For example, every Windows system is going to have the workstation service (W2), but only a limited number of *nix systems are going to have BIND or a web server running. The #1 vulnerability on the Windows list should just be Windows itself.
On a related note, Richard Bejtlich, author of The Tao of Network Security Monitoring, takes exception to the way SANS uses the words ‘threat’ and ‘vulnerability’. His point is well taken, but I’m not sure if it’s that important in the bigger picture. Semantics definitely affect how you look at an issue or problem, but I think it’s more important to get the information out than argue about how it’s presented.
If I have the time, I’d like to compare the new list to the last few years. Other than the names of the specific vulnerabilities, I’m pretty sure what’s on the list really hasn’t changed all that much over the last few years. So yes, this year’s buffer overflow is a little different from last year’s, but it’s still a buffer overflow in how IE handles URLs.
I’ve been using the Adblock extension for Firefox for about two weeks now, and it’s been working wonderfully. I haven’t had any problems, but one of my co-workers stated that he’d had several problems with the ESPN site. Apparently ESPN uses the same servers to supply its navigational images as it uses for its ad images. I’ve included an export of the Adblock settings I’ve used in the extended entry. You can copy those into a text file and import them into your Adblock setup.
Let me know if you have additional listings that work well for you. My settings seem to block about 95% of the ads out there, but I’m looking to get up to 99%, as long as it doesn’t start negatively impacting my web surfing.