SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
Posted On 2007年1月13日 星期六 at 於 下午1:50 by Lani知名資安組織The SANS (SysAdmin, Audit, Network, Security),列出2006年網路安全中,TOP 20 弱點攻擊目標:
- Operating Systems
- W1. Internet Explorer
- W2. Windows Libraries
- W3. Microsoft Office
- W4. Windows Services
- W5. Windows Configuration Weaknesses
- M1. Mac OS X
- U1. UNIX Configuration Weaknesses
- Cross-Platform Applications
- C1 Web Applications
- C2. Database Software
- C3. P2P File Sharing Applications
- C4 Instant Messaging
- C5. Media Players
- C6. DNS Servers
- C7. Backup Software
- C8. Security, Enterprise, and Directory Management Servers
- Network Devices
- N1. VoIP Servers and Phones
- N2. Network and Other Devices Common Configuration Weaknesses
- Security Policy and Personnel
- H1. Excessive User Rights and Unauthorized Devices
- H2. Users (Phishing/Spear Phishing)
- Special Section
- Z1. Zero Day Attacks and Prevention Strategies