June 6, 2003

Linux security: The seven deadly sins

This just in by way of web-support, one of the mailing lists I'm subscribed to: http://searchenterpriselinux.techtarget.com/originalContent/0,289142,sid39_gci904844,00.html

In short (go read the article for descriptions):
- No. 1: Using weak and default passwords.
- No. 2: Leaving network ports open.
- No. 3: Running old software versions.
- No. 4: Running insecure and badly configured programs.
- No. 5: Having insufficient resources and misplaced priorities.
- No. 6: Failing to delete stale and unnecessary accounts.
- No. 7: Procrastinating.

I've just recently been reading up on securing Debian boxes, so most of this rings true. I've also watched customers' boxen get busted wide open, particularly because of point number 3, but it's a difficult choice. Do you pay out significant money to upgrade, or hope you never get cracked? Which is more costly in the long run?

In one particular case, we notified the customer that they were running an old version of sendmail and needed to upgrade, as exploits were out there. A little over a year later, they lost their machine. Now that I've seen it happen, I try to be MUCH more careful.

If you're a Debianista, this should be essential bed-time reading.

Posted by savs at June 6, 2003 9:25 AM