Security Basics mailing list archives

Re: [OCLUG] Ten least secure programs

From: "Mitchell Rowton" <mitchell () attackprevention com>
Date: Tue, 1 Jul 2003 12:40:09 -0600

I would tend to suggest the following:

MDAC
SQL
Management
Internet Explorer
NetBIOS
Management
RPC
SNMP
Management

So far your list contains, services, systems, and architectures.  Does 
it have any scope?

Mitchell Rowton 
http://www.attackprevention.com

You forgot Microsoft's ActiveX, Word and Excel - vulnerable

On Sat, 28 Jun 2003 15:08:38 -0700, Chris Berry wrote

I'm putting together a list of what seem to be the ten least secure 
computer items in use today with the idea of having a set of things 
to recommend AGAINST people using, probably to be posted on the IT 
room door with a note like "NO, you cannot use the following!!". 
 Here is what I have so far, I'm looking for additions and

comments.

 The list is in order from with the worst offender being number

one.

 These should be products whose inheirent design is flawed, not

that

are just difficult to secure.  I expect vigorous discussion. 
*putting on flame retardent garments*  Oh, and leave Operating 
systems out of this one.

1) Microsoft Outlook
2) Telnet
3) Sendmail
4) IIS Server
5) Wireless networking
6) PHP
7) ?
8) ?
9) ?
10) ?

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Within every man beats a heart of darkness." --The Shadow

_________________________________________________________________
Help STOP SPAM with the new MSN 8 and get 2 months FREE*  
http://join.msn.com/?page=features/junkmail

--
Orange County Linux Users Group   http://www.oclug.org
To unsubscribe mailto:majordomo () oclug org?body=unsubscribe%20oclug





----------------------------------------------------------------------

-----

Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top

analysts!

The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote

access in

about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------

------




---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
     
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
          
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------

Current thread:

Re: [OCLUG] Ten least secure programs Afonso Francos Rubén (Jul 02)
- <Possible follow-ups>
- Re: [OCLUG] Ten least secure programs Meritt James (Jul 02)
- Re: [OCLUG] Ten least secure programs Mitchell Rowton (Jul 02)