The SANS Institute and the FBIs National Infrastructure Protection Center on Monday released a scanning tool designed to find 20 common network vulnerabilities, as well as a document listing steps to fix each problem.
The list is an expansion of the original Top Ten list released by the two groups last year and is meant to give systems administrators a prioritized checklist of the most dangerous vulnerabilities. It is divided into three sections: general vulnerabilities, Windows flaws and Unix flaws.
The problems range from using default installations of operating systems to non-existent or incomplete system backups to the infamous ISAPI buffer overflow in Microsoft Corp.s IIS Web server software. Many of the vulnerabilities on the list are simple, non-software-related problems such as weak passwords that are often overlooked.
“The majority of successful attacks on computer systems via the Internet can be traced to the exploitation of security flaws on this list,” SANS said in its bulletin. “The easy and rapid spread of the Code Red and Nimda worms can be traced to exploitation of unpatched vulnerabilities on this list.”
The scanning tool is a modified version of SARA, a free network-scanning program. It is available at the Center for Internet Securitys web site, www.cisecurity.org.
The release of the updated list and scanning tool coincide with an increased emphasis on both network and physical security in the wake of the terrorist attacks three weeks ago. Security experts and government agencies have warned that the expected United States retaliation for the attacks could trigger not only further terror incidents but an increase in the number of computer attacks on U.S. networks as well.