A little perspective on security.

BeerCheeze

I know MANY people really like to hound on MS for windows, saying how insecure it is, and that it is the worst software out there for security. However as someone who is an IT security professional I get to see the whole picture. I thought I would share a little glimpse of this picture with you folks. Not only so you might start to realize that Windows isn't as bad as you think, but even more importantly to open your eyes to see how wide the security gap really is. This is a blurb from a newletter I get from the SANS institute (http://www.sans.org)

Summary of the vulnerabilities reported this week:

==========================================================================
Platform # of Updates & Vulnerabilities
=====================================================

Windows 1
Third Party Windows Apps 7
Unix 1
Cross Platform 8
Web Application 21
Network Device 3 (#1, #2)

Widely Deployed Software
(1) MODERATE: Cisco IOS Firewall FTP and Telnet Authentication Proxy Overflow

Other Software
(2) HIGH: Barracuda Networks Spam Firewall Remote Command Execution

-- Windows
05.36.1 - Microsoft Internet Explorer Unspecified Remote Code Execution
-- Third Party Windows Apps
05.36.2 - ALZip ACE Archive File Name Buffer Overflow
05.36.3 - CSystems WebArchiveX ActiveX Component Arbitrary File Vulnerabilities
05.36.4 - Rediff Bol Instant Messenger ActiveX Control Information Disclosure Vulnerability
05.36.5 - AttachmateWRQ Reflection for Secure IT Windows Server Renamed Account Remote Login
05.36.6 - AttachmateWRQ Reflection for Secure IT Windows Server Access Restriction Bypass
05.36.7 - 3Com Network Supervisor Directory Traversal Vulnerability
05.36.8 - WhitSoft Development SlimFTPd Remote Denial of Service
-- Unix
05.36.9 - OpenTTD Multiple Unspecified Format String Vulnerabilities
-- Cross Platform
05.36.10 - Symantec Brightmail AntiSpam Deeply Nested Zip File Denial Of Service
05.36.11 - Symantec Brightmail AntiSpam Winmail.DAT Decomposer Denial of Service
05.36.12 - HP OpenView Event Correlation Services Unspecified Remote Privilege Escalation
05.36.13 - Squid Proxy SSLConnectTimeout Remote Denial Of Service
05.36.14 - Multiple Vendor Web Vulnerability Scanners HTML Injection
05.36.15 - NetMail Remote IMAP Heap Buffer Overflow
05.36.16 - OpenSSH DynamicForward Inadvertent GatewayPorts Activation
05.36.17 - OpenSSH GSSAPI Credential Disclosure Vulnerability
-- Web Application
05.36.18 - man2web Multiple Scripts Command Execution
05.36.19 - Land Down Under Events.PHP HTML Injection
05.36.20 - Feedback Form Perl Script CHFeedBack.PL Unauthorized Mail Relay
05.36.21 - Unclassified NewsBoard Description Field HTML Injection
05.36.22 - MAXdev MD-Pro Arbitrary Remote File Upload
05.36.23 - MAXdev MD-Pro Multiple Cross-Site Scripting Vulnerabilities
05.36.24 - GuppY PrintFAQ.PHP Cross-Site Scripting
05.36.25 - GuppY Error.PHP HTML Injection
05.36.26 - MyBulletinBoard Forumdisplay.PHP Cross-Site Scripting
05.36.27 - myBloggie login.php SQL Injection
05.36.28 - MAXdev MD-Pro Cross-Site Scripting
05.36.29 - SqWebMail HTML Email Script Tag Script Injection
05.36.30 - PBLang Bulletin Board System Multiple Remote Vulnerabilities
05.36.31 - Plain Black Software WebGUI Remote Perl Command Execution Vulnerabilities
05.36.32 - DownFile Multiple Cross-Site Scripting Vulnerabilities
05.36.33 - DownFile Administrator Unauthorized Access
05.36.34 - Greymatter Gm.CGI HTML Injection
05.36.35 - CMS Made Simple Cross-Site Scripting
05.36.36 - PHPGroupWare Main Screen Message Script Injection
05.36.37 - gBook Multiple Unspecified Cross-Site Scripting Vulnerabilities
05.36.38 - Phorum Register.PHP Cross-Site Scripting
-- Network Device
05.36.39 - Cisco IOS Firewall Authentication Proxy Buffer Overflow
05.36.40 - Barracuda Spam Firewall IMG.PL Remote Command Execution
05.36.41 - Barracuda Spam Firewall IMG.PL Remote Directory Traversal

knight0334 · Posted: Sun, 11 Sep 2005 13:35:14 Post Subject:

I've said before at IANAG a year or 3 ago, that the Windows security issue is being blown out of proportion. ...that MS is the scapegoat for all OS's faults.

Along with my post was attached proof that in the given number of years study that Unix/Linux had more security issues and patches then Microsoft's Windows ME, 2K, XP and 2K3. ...and that MS was just as fast, if not faster, at rolling out a fix for a given issue.

Everyone wants to take a punch at MS because they think MS is the spawn of Satin. ...everyone from users, truly informed people, to malicious code writers.

What it really comes down to is, you wouldn't need locks on the doors if there were no thieves. ....the thieves and malicious people are the problem.

dadx2mj · Posted: Sun, 11 Sep 2005 13:50:33 Post Subject:

I personally believe that the end user is the biggest security risk because of ignorance more so than any OS out there. Lets face it I dont care who you are, MS , Linux, etc if you build an OS someone will find a way to break in.

**JimBowy** · Moderator Joined: 02 Aug 2003 Posts: 1627