October 13, 2004 -- (WEB HOST INDUSTRY REVIEW) -- The SANS Institute (sans.org), a computer security training organization, recently released its fifth annual list of the top 20 Internet security vulnerabilities. The vulnerabilities, compiled by security experts from government, education and industry, were listed in two separate tables of ten ? one for Windows and one for Unix.
According to the SANS Institute, the majority of successful attacks exploit one or more of these 20 vulnerabilities.
The top 10 vulnerabilities for Windows were, in order, Web servers and services, workstation service, Windows remote access services, Microsoft SQL Server, Windows authentication, Web browsers, file-sharing applications, LSAS exposures, mail client and instant messaging.
The top 10 list for Unix were, in order, BIND domain name system, Web server, authentication, version control systems, mail transport service, simple network management protocol, open secure sockets layer, mis-configuration of enterprise services, databases and kernel.
