Top ten security weaknesses of a networked computer [closed]

-1

I am looking for a list of what you would consider to be the top ten security weaknesses of a networked computer. They can be specific to Windows or Linux, but ones that apply to both are better.

I am not so interested in particular vulnerabilities (i.e. not answers like MS08-67), but rather in generic attack vectors that could present a vulnerability.

Many thanks, -Tech

    
asked by Technosites 12.06.2012 - 12:12

1 answer

3

I could only come up with 5 so far.

Here is my list, in no particular order:

1. Security misconfiguration (OWASP Top 10)

Good security requires having a secure configuration defined and deployed for the 
application, frameworks, application server, web server, database server, and platform. 
All these settings should be defined, implemented, and maintained as many are not 
shipped with secure defaults. This includes keeping all software up to date, including 
all code libraries used by the application.

2. Insufficient transport layer protection (OWASP Top 10)

Applications frequently fail to authenticate, encrypt, and protect the confidentiality 
and integrity of sensitive network traffic. When they do, they sometimes support weak 
algorithms, use expired or invalid certificates, or do not use them correctly.

This allows for packet sniffing.

3. Zero day exploits in software

Networked machines usually provide some kind of service, whether it be a SQL server, 
webserver or FTP server. Vulnerabilities in software will always be a threat as software 
will never be developed without security issues.

Vulnerabilities that come under this are, for example:
* SQL injection on a database
* XSS on a webserver
* Buffer overflow attacks on an application
* Format string attacks
* ...

4. Hijacking / Spoofing / Session replay

If a middleman is in some way able to observe the traffic between two nodes on a network 
he may try to capture the traffic, modify it and appear as the sender. 

Techniques such as ARP Poisoning come under this category.

5. Denial of service

Disruption of service by some kind of resource starvation on the victim. I.e. packet 
flooding to consume all half-open TCP connections or consuming all bandwidth on a 
webserver.
    
answered by Chris Dale 12.06.2012 - 13:00
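Added example, not part of the original answer: a defender-side check for the half-open TCP connection exhaustion mentioned under item 5, counting `SYN-RECV` sockets per local port in Linux `ss -tan` output. The sample output, the function names and the threshold of 5 are assumptions made for illustration.

```python
from collections import Counter

# Constructed sample of Linux `ss -tan` output (documentation IP ranges only).
SAMPLE = """\
State     Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN    0      128    0.0.0.0:80         0.0.0.0:*
ESTAB     0      0      192.0.2.10:22      203.0.113.5:51514
ESTAB     0      0      192.0.2.10:80      203.0.113.9:40022
SYN-RECV  0      0      192.0.2.10:22      203.0.113.5:51520
SYN-RECV  0      0      192.0.2.10:80      198.51.100.7:1025
SYN-RECV  0      0      192.0.2.10:80      198.51.100.19:1026
SYN-RECV  0      0      192.0.2.10:80      198.51.100.33:1027
SYN-RECV  0      0      192.0.2.10:80      198.51.100.48:1028
SYN-RECV  0      0      192.0.2.10:80      198.51.100.61:1029
SYN-RECV  0      0      192.0.2.10:80      198.51.100.61:1030
"""


def parse_ss(text):
    """Yield (state, local_port, peer_ip) for every socket line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] == "State":
            continue  # skip blank lines and the header row
        state, local, peer = fields[0], fields[3], fields[4]
        # rsplit keeps bracketed IPv6 addresses such as [::1]:80 intact
        yield state, local.rsplit(":", 1)[1], peer.rsplit(":", 1)[0]


def half_open_report(text, port_threshold=5):
    """Return ports whose SYN-RECV (half-open) count reaches the threshold.

    The threshold is an illustrative assumption; tune it per service.
    Many distinct sources suggests spoofed SYNs, where per-IP blocking
    does little and SYN cookies or upstream filtering are the usual answer.
    """
    per_port = Counter()
    sources = {}
    for state, port, peer_ip in parse_ss(text):
        if state == "SYN-RECV":
            per_port[port] += 1
            sources.setdefault(port, set()).add(peer_ip)
    return {
        port: {"half_open": n, "distinct_sources": len(sources[port])}
        for port, n in per_port.items() if n >= port_threshold
    }


if __name__ == "__main__":
    print(half_open_report(SAMPLE))
```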