SANS Institute Top 20 Computer Security Risks

[Camper]

Here is the SANS Institute Top 20 Computer Security Risks with solutions to these risks. I found it a good read some of it is common sense but I thought I'd pass it along.

http://www.sans.org/top20/#c2

 

[tlarkin]

#1 vulnerability, running Microsoft Windows.

 

[Camper]

#1 vulnerability, running Microsoft Windows.

 

[tlarkin]

Sorry, that is what I got from that article, is that the #1 vulnerability is loading windows on your machine. All the vulnerabilities they list are against windows. What does that tell you?

Brute force and zero config exploits are the only ones listed for Unix, Linux, and OS X which are kind of a no brainer.

 

[Camper]

True, mainly because the majority of people online are using Windows. It would be the same for Linux if it had the market share that Microsoft enjoys.

 

[tlarkin]

True, mainly because the majority of people online are using Windows. It would be the same for Linux if it had the market share that Microsoft enjoys.

I agree with you that if another OS was the major market share exploiters would go after it. However, by design windows is the least secure operating system, making all users run as admin to do certain things, allowing applications access to the windows kernel, and allowing active X direct access to the kernel are huge design flaws that allow for a less secure model of OS. To put it simply, I am just saying windows is very sloppily coded.

 

[Camper]

I agree with you that if another OS was the major market share exploiters would go after it. However, by design windows is the least secure operating system, making all users run as admin to do certain things, allowing applications access to the windows kernel, and allowing active X direct access to the kernel are huge design flaws that allow for a less secure model of OS. To put it simply, I am just saying windows is very sloppily coded.

I agree Microsoft has made ease of use a priority over security. Did you see the DropMyRights program:

DropMyRights is a very simple application to help users who must run as an administrator run applications in a much-safer context—that of a non-administrator. It does this by taking the current user's token, removing various privileges and SIDs from the token, and then using that token to start another process, such as Internet Explorer or Outlook. This tool works just as well with Mozilla's Firefox, Eudora, or Lotus Notes e-mail.

http://msdn2.microsoft.com/en-us/library/ms972827.aspx

 

[tlarkin]

I agree Microsoft has made ease of use a priority over security. Did you see the DropMyRights program:



http://msdn2.microsoft.com/en-us/library/ms972827.aspx

No, I haven't seen that before, thanks for the link. It is kind of a band aid approach. In the end at my work, we decided to deep freeze the hard drives. Now our help desk tickets have dropped from 85% being spyware/malware to now only a few computers here and there have those issues (and those are usually ones we leave un frozen or "thawed" for whatever reason).

Why doesn't windows just do that natively? Think of all the exploits it would stop if just installing software required authentication?

 

[Camper]

It's to bad the average computer user dose not want to be hassled with using authentication to install software. I think Microsoft was trying to hard to make there GUI user friendly. Deep Freeze is one of the best security software I have seen. It's almost like running a new system every time you boot up. I work for my School's help desk ans we never get any obvious spyware or virus related calls.