Re: Re: January 15 is Personal Firewall Day, help the cause

[Valdis.Kletnieks () vt edu]

On Thu, 15 Jan 2004 13:55:18 EST, Mary Landesman said:

> ubiquitous. Cisco is running a poll right now to see which of the 17
> critical patches are most important to users, because they only have the
> manpower to fix 10 of them. Should we all stop using Cisco products?

Correction 1: Cisco isn't running the poll, SANS is.

Correction 2: Patches and proper configuration guidelines *are* *available* for all 17.

Correction 3: Cisco has the manpower.  The lack of manpower is at THE END USER SITE.

This is a continuation of the SANS Top 10/Top 20 lists, where we recognize that
the average site is *NOT* going to devote the manpower to actually secure their
networks, so we create a list of "At least put in just a few hours and patch
these worst problems so you're not a TOTAL sitting duck".  The question is
basically:  We've found 17 common misconfigs that can be security problems.
If a site isn't willing to do all 17, which 10 have the best bang/buck return if
we can only get them to fix SOME of them?

(And yes, if you have more time, http://www.cisecurity.org/bench_cisco.html
has more info on hardening Cisco routers - this is for the sites that aren't going
to be that gung-ho about it.  And there's other docs at SANS and Cisco on how
to harden the routers even further if you're REALLY ambitious/concerned).

The original SANS posting:
---
Top Ten Cisco Security Vulnerabilities Project Update.  The project team
has identified seventeen vulnerabilities that appear to be critical.
You can help with the next step of prioritizing the 17 to help the team
select the Top 10. Then the team will develop a guide organizations can
use to protect themselves against exploits of the Top Ten. If you are
willing to help by rating the 17 candidates, send email to info () sans org
with the subject Cisco Top 10.
---

See http://www.sans.org/top20/ for an example of what we're trying to do...

Attachment: _bin
Description: