OpenBSD Journal

SANS Top 20

Contributed by jose on from the infrastructure dept.

SANS and the NIPC recently released an updated top 20 security vulnerabilities list. Many of these can be helped with OpenBSD solutions, but obviously some can't. SANS has a paper describing how to check for these vulnerabilities, and obviously some tools on the UNIX side of things may be useful. So, when thinking about how to secure your infrastructure, maybe pitch to the boss (or your employees, depending on which side you're on) about solutions using OpenBSD.



Comments
  1. By RC () on

    Would someone like to tell me what vulnerabilities can not be "helped with OpenBSD solutions"? I must have missed something.

    It seems to me that any of these problems can be solved by a good admin, and OpenBSD has tools like systrace (and OpenSSH priv sep) that can help significantly secure any running service.

  2. By tase () on

    "
    Our Apologies
    Your Free Network Security Scan Interrupted.
    A number of reasons could have caused the scan to interrupt.
    For Example:

    * Your host is inactive and does not respond to our QualysGuard scanner.
    * Your host is behind a firewall.
    * Your host is not connected to the Internet.


    If you feel this is an error, please contact Qualys Support.

    Copyright 2002 Qualys, Inc. Privacy Policy
    "

    Is this good or bad?
