Infosec: October 2003 Archives

SANS Top 20 Vulnerabilities v4.0


One of the few useful things the FBI's (now the DHS's) NIPC has ever done is work with SANS to produce the SANS Top Twenty. A new version was released this week. It's a great resource for those who don't sit around thinking about risk mitigation all day long.

Three years ago, the SANS Institute and the National Infrastructure Protection Center (NIPC) at the FBI released a document summarizing the Ten Most Critical Internet Security Vulnerabilities. Thousands of organizations used that list, and the expanded Top Twenty lists that followed one and two years later, to prioritize their efforts so they could close the most dangerous holes first. The vulnerable services that led to the examples above - Blaster, Slammer, and Code Red, as well as NIMDA worms - are on that list.

This updated SANS Top Twenty is actually two Top Ten lists: the ten most commonly exploited vulnerable services in Windows and the ten most commonly exploited vulnerable services in UNIX and Linux. Although there are thousands of security incidents each year affecting these operating systems, the overwhelming majority of successful attacks target one or more of these twenty vulnerable services.

Verisign's Wildcard Stupidity


A few weeks back, Verisign implemented a wildcard in the .com and .net top level domains, which they are responsible for managing. What this means is that non-existent names, rather than getting an error returned from the TLD servers saying they don't exist, resolve to a Verisign server, which provides search services, and presumably tracks what folks are mistyping. This is a fairly common practice amongst some of the smaller TLD providers, but it has caused quite a stink in this case because of the size of these TLDs, and the unanticipated (by Verisign at least) side-effects. ICANN - the folks who dole out TLD registries amongst other responsibilities - tried asking nicely and were rebuffed. On Friday they put their foot down. This will get interesting and should serve as a bellwether for commercial control over Internet operations.

Given the magnitude of the issues that have been raised, and their potential impact on the security and stability of the Internet, the DNS and the .com and .net top level domains, VeriSign must suspend the changes to the .com and .net top-level domains introduced on 15 September 2003 by 6:00 PM PDT on 4 October 2003. Failure to comply with this demand by that time will leave ICANN with no choice but to seek promptly to enforce VeriSign's contractual obligations.

A good summary of ICANN's investigation is here. Related blogosphere commentary is here.
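The check a resolver operator would want for the behaviour described above, as an added example that is not part of the original post: probe a zone with random labels that cannot exist and see whether they all come back resolved to one address instead of NXDOMAIN. The resolver function and the 192.0.2.1 sink address are constructed stand-ins so the check runs offline.

```python
"""Wildcard-synthesis check for a TLD, modelled on the .com/.net wildcard.

A name that cannot exist should come back NXDOMAIN. If several random labels
under a zone all resolve, and all to the same address, the zone is synthesizing
answers (a wildcard "sink") rather than reporting non-existence.
"""
import secrets
from typing import Callable, Dict, List, Optional

# A resolver maps a fully qualified name to the list of A records it returns,
# or None for NXDOMAIN. Injecting it keeps the check runnable offline.
Resolver = Callable[[str], Optional[List[str]]]


def random_label(length: int = 20) -> str:
    """A label long enough that a collision with a real name is negligible."""
    alphabet = "abcdefghijklmnopqrstuvwxyz0123456789"
    return "".join(secrets.choice(alphabet) for _ in range(length))


def detect_wildcard(zone: str, resolve: Resolver, probes: int = 3) -> Dict[str, object]:
    """Resolve `probes` random names under `zone` and classify the zone.

    wildcard is True only when every probe resolved and all probes share at
    least one address; a mix of NXDOMAIN and answers is reported as clean
    (but the probes that resolved may deserve a closer look).
    """
    answers = [resolve(f"{random_label()}.{zone}.") for _ in range(probes)]
    resolved = [set(a) for a in answers if a]
    if not resolved:
        return {"zone": zone, "wildcard": False, "sink": None}
    common = set.intersection(*resolved)
    is_wildcard = len(resolved) == len(answers) and bool(common)
    return {"zone": zone, "wildcard": is_wildcard, "sink": sorted(common) or None}


# Constructed stand-in resolver imitating the behaviour in the post: every
# non-existent name under com. and net. is answered with one sink address
# (192.0.2.1 is a documentation-range placeholder, not VeriSign's server);
# org. reports NXDOMAIN as a zone without a wildcard should.
SINK = "192.0.2.1"


def simulated_resolver(name: str) -> Optional[List[str]]:
    if name.endswith((".com.", ".net.")):
        return [SINK]
    return None


if __name__ == "__main__":
    for zone in ("com", "net", "org"):
        print(detect_wildcard(zone, simulated_resolver))
```

Against a live resolver, swap `simulated_resolver` for a function that performs real queries and returns None on NXDOMAIN.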

About this Archive

This page is a archive of entries in the Infosec category from October 2003.
