SANS Top 20

Contributed by jose on 2002-11-10 from the infrastructure dept.

SANS and the NIPC recently released an update top 20 security vulnerabilities . Many of these can be helped with OpenBSD solutions, but obviously some can't. SANS has a paper describing how to check for these vulnerabilities , and obviously some tools on the UNIX side of things may be useful. So, when thinking about how to secure your infrastructure, maybe pitch to the boss (or your employees, depending on which side you're on) about solutions using OpenBSD.

(Comments are closed)

Comments

By RC () on 2002-11-10 05:41

Would someone like to tell me what vulnerabilites can not be "helped with OpenBSD solutions". I must have missed something.

It seems to me that any of these problems can be solved by a good admin, and OpenBSD has tools like systrace (and OpenSSH priv sep) that can help significantly secure any running service.
By tase () on 2002-11-11 21:27

"
Our Apologies
Your Free Network Security Scan Interrupted.
A number of reasons could have caused the scan to interrupt.
For Example:

* Your host is inactive and does not respond to our QualysGuard scanner.
* Your host is behind a firewall.
* Your host is not connected to the Internet.

If you feel this is an error, please contact Qualys Support.

Copyright � 2002 Qualys, Inc. Privacy Policy
"

is this good or bad?

Latest Articles

Wed, Apr 24
- 04:35 Game of Trees 0.98 released (0)
Tue, Apr 23
- 05:25 pfctl(8) and systat(8) to display fragment reassembly statistics (0)
Thu, Apr 18
- 05:05 Coming soon to a -current system near you: parallel raw IP input (0)
Wed, Apr 17
- 05:33 In -current, default write format for tar(1) changed to "pax" (12)
Wed, Apr 10
- 18:50 OpenSMTPD 7.5.0p0 Released (2)
Tue, Apr 09
- 04:49 20 years since "and we're just starting": undeadly.org turns 20 (2024-04-09) (13)
Fri, Apr 05
- 06:16 OpenBSD 7.5 released (3)
Thu, Mar 28
- 18:18 LibreSSL 3.8.4 and 3.9.1 released (0)
Tue, Mar 12
- 06:53 OpenSSH 9.7/9.7p1 released! (0)

Credits

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]