to protect your computer? FREE
Security has become a major problem on the Internet. Most security threats are made by attackers using a relatively small number of vulnerabilities. Attackers, being relatively opportunistic, take the path of least resistance, and continue to take advantage of these most common failures, rather than seeking out new exploits or taking advantage of more difficult ones.
Top Windows Threats
1. Web servers and services. Default HTTP (Web) servers have had several vulnerabilities, and numerous patches have been issued over the past several years. Make sure all your patches are up to date, and do not use default configurations or default demonstration applications. These vulnerabilities may lead to denial-of-service attacks and other types of threats.
2. Microsoft SQL Server (MSSQL). Keep an eye on new patches for MSSQL and apply them as soon as possible. The Internet Storm Center always shows MSSQL's default ports, 1433 and 1434, as being among the most actively probed on the net. Any weakness will be quickly exploited.
3. Windows remote access services. A variety of remote access methods are included by default on most systems. These systems can be very useful, but also very dangerous, and an attacker with the right tools can easily gain control over a host.
4. Windows authentication Most Windows systems use passwords,
but passwords can be easily guessed or stolen. Good password management
is the key to effective authentication. Passwords should contain characters
from three of the following four categories: English uppercase characters
(A through Z), English lowercase characters (a through z), Base 10 digits
(0 through 9), non-alphanumeric characters (for example, !, $, #, %).
6. File sharing applications. Peer-to-peer (P2P) programs are commonly used to share files. In a P2P system, computers are open to others in the P2P network to allow for all participants to search for and download files from one another. Many corporations forbid use of P2P networks because of the obvious risk of compromised data.
7. Microsoft Data Access Components (MDAC) The Remote Data Services component of many MDAC versions has serious vulnerabilities.
8. Windows Scripting Host (WSH) You probably can't simply disable WSH because it's used for many administrative and desktop automation functions, so you should simply change the default treatment of script files with these extensions: .vbs, .vbe, .js, jse, and .wsf.
9. Mail client. Attackers can use the mail client on a computer to spread worms or viruses, by including them as attachments in emails. Configuring the mail server appropriately, and blocking attachments such as .exe or .vbs files, will prevent most mail client attacks.
10. Instant messaging. Many corporations also block employees from using instant messaging, not only because of the technical threats but also because of the possibility of lost productivity. Configuring IM properly, applying all the latest patches, and taking control over any file transfers that occur over IM will prevent most attacks.
11. LSAS exposures. The Windows Local Security Authority Subsystem (LSAS) has a critical buffer overflow that can be exploited by an attacker to gain control over the system. Again, proper configuration and application of patches will prevent most exploits.