SlideShare ist ein Scribd-Unternehmen logo

The Top 10/20 Internet Security Vulnerabilities – A Primer

A
amiable_indian

The Top 10/20 Internet Security Vulnerabilities – A Primer

TechnologieSeele & Geist
1 von 82
The Top 10/20 Internet Security Vulnerabilities – A Primer Randy Marchany VA Tech Computing Center The SANS Institute COVITS 2000
Introduction ,[object Object],[object Object],[object Object],[object Object]
Introduction ,[object Object],[object Object],[object Object]
Pay Me Now or Pay Me Later ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Why Are We Vulnerable? ,[object Object],[object Object],[object Object]
So Many Systems, Not Enough Time….. ,[object Object],[object Object],[object Object],[object Object],[object Object]
Hacking = Rocket Science? Not! ,[object Object],[object Object]
Why Are the Attacks Successful? ,[object Object],[object Object]
Why Are the Attacks Successful? ,[object Object],[object Object],[object Object]
Some Pointers About the Lists ,[object Object],[object Object],[object Object],[object Object],[object Object]
Some Pointers about the Lists ,[object Object],[object Object],[object Object],[object Object]
Some More Pointers about the Lists ,[object Object],[object Object]
Some More Pointers about the Lists ,[object Object],[object Object],[object Object],[object Object],[object Object]
Item #1: BIND ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #1: BIND ,[object Object],[object Object]
Item #1: BIND ,[object Object],[object Object],[object Object],[object Object]
Item #2: CGI Scripts ,[object Object],[object Object],[object Object],[object Object]
The Second Item – CGI Scripts ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #3: Remote Procedure Calls (RPC) ,[object Object],[object Object],[object Object],[object Object]
Item #3: Remote Procedure Calls (RPC) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Item #4: Microsoft Internet Information Server (IIS) ,[object Object],[object Object],[object Object]
Item #4: Microsoft Internet Information Server (IIS) ,[object Object],[object Object],[object Object],[object Object]
Item #5: Sendmail Weakness ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #5: Sendmail Weakness ,[object Object],[object Object],[object Object],[object Object],[object Object]
Item #6: sadmind and mountd ,[object Object],[object Object]
Item #6: sadmind and mountd ,[object Object],[object Object],[object Object],[object Object],[object Object]
Item #7: Global File Sharing ,[object Object],[object Object]
Item #7: Global File Sharing ,[object Object],[object Object]
Item #7: Global File Sharing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #8: User Accounts with No Passwords ,[object Object],[object Object]
Item #8: User Accounts with No Passwords ,[object Object],[object Object]
Item #8: User Accounts with No Passwords ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #9: IMAP, POP Vulnerabilities ,[object Object],[object Object]
Item #9: IMAP, POP Vulnerabilities ,[object Object],[object Object]
Item#9: IMAP, POP Vulnerabilities ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Item #10: SNMP Vulnerabilities ,[object Object],[object Object]
Item #10: SNMP Vulnerabilities ,[object Object],[object Object]
Item #10: SNMP Vulnerabilities ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object],[object Object]
The SANS/FBI Top 20 List If we had fixed the top 10, there wouldn’t be a top 20. 
Top 20 List Organization ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Top 20 Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Top 20 Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Top 20 Summary ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
G1: Default OS Installations ,[object Object],[object Object],[object Object],[object Object]
G1: Default OS Installations ,[object Object],[object Object]
G1: Default OS Installations ,[object Object],[object Object],[object Object]
G1: Default OS Installations ,[object Object],[object Object],[object Object],[object Object]
G3: Non-existent, Incomplete Backups ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
G3: Non-existent, Incomplete Backups ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
G3: Non-existent, Incomplete Backups ,[object Object],[object Object],[object Object]
G4: Large Number of Open Ports ,[object Object],[object Object],[object Object],[object Object]
G4: Large Number of Open Ports ,[object Object],[object Object],[object Object],[object Object]
G4: Large Number of Open Ports ,[object Object],[object Object],[object Object],[object Object]
G5: Incorrect Ingress/Egress Router Filters ,[object Object],[object Object],[object Object],[object Object],[object Object]
G5: Incorrect Ingress/Egress Router Filters ,[object Object],[object Object],[object Object]
G5: Incorrect Ingress/Egress Router Filters ,[object Object],[object Object],[object Object],[object Object],[object Object]
G6: Non-existent, Incomplete Logging ,[object Object],[object Object],[object Object],[object Object],[object Object]
G6: Non-existent, Incomplete Logging ,[object Object],[object Object],[object Object],[object Object],[object Object]
W1: Unicode – Web Server Traversal ,[object Object],[object Object],[object Object],[object Object]
W1: Unicode – Web Server Traversal ,[object Object],[object Object],[object Object],[object Object]
W1: Unicode – Web Server Traversal ,[object Object],[object Object],[object Object]
W1: Unicode – Web Server Traversal ,[object Object],[object Object]
W1: Unicode – Web Server Traversal ,[object Object],[object Object],[object Object],[object Object]
W2: ISAPI Extension Buffer Overflows ,[object Object],[object Object],[object Object],[object Object]
W2: ISAPI Extension Buffer Overflows ,[object Object],[object Object],[object Object]
W2: ISAPI Extension Buffer Overflows ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
W5: Null Session Connections ,[object Object],[object Object],[object Object]
W5: Null Session Connections ,[object Object],[object Object],[object Object],[object Object]
W5: Null Session Connections ,[object Object],[object Object],[object Object],[object Object]
W6: Weak Hashing in SAM ,[object Object],[object Object],[object Object],[object Object]
W6: Weak Hashing in SAM ,[object Object],[object Object],[object Object],[object Object]
W6: Weak Hashing in SAM ,[object Object],[object Object],[object Object],[object Object]
U4: R Commands ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
U4: R Commands ,[object Object],[object Object],[object Object],[object Object],[object Object]
U5: LPD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
U5:LPD ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common Vulnerable Ports ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common Vulnerable Ports ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Common Vulnerable Ports ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Summary ,[object Object],[object Object],[object Object]
References ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Empfohlen

Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
WIFI; making a wireless connection
WIFI; making a wireless connectionWIFI; making a wireless connection
WIFI; making a wireless connectionWebster University
 
Webscarab demo @ OWASP Belgium
Webscarab demo @ OWASP BelgiumWebscarab demo @ OWASP Belgium
Webscarab demo @ OWASP BelgiumPhilippe Bogaerts
 
Attacking Automatic Wireless Network Selection
Attacking Automatic Wireless Network SelectionAttacking Automatic Wireless Network Selection
Attacking Automatic Wireless Network Selectionamiable_indian
 
Writing Secure Code – Threat Defense
Writing Secure Code – Threat DefenseWriting Secure Code – Threat Defense
Writing Secure Code – Threat Defenseamiable_indian
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Windows network
Windows networkWindows network
Windows networkJithesh Nair
 
How to Hack WiFi on Windows
How to Hack WiFi on Windows How to Hack WiFi on Windows
How to Hack WiFi on Windows Vrushank Narola
 

Empfohlen

Freeware Security Tools You Need
Freeware Security Tools You NeedFreeware Security Tools You Need
Freeware Security Tools You Needamiable_indian
 
WIFI; making a wireless connection
WIFI; making a wireless connectionWIFI; making a wireless connection
WIFI; making a wireless connectionWebster University
 
Webscarab demo @ OWASP Belgium
Webscarab demo @ OWASP BelgiumWebscarab demo @ OWASP Belgium
Webscarab demo @ OWASP BelgiumPhilippe Bogaerts
 
Attacking Automatic Wireless Network Selection
Attacking Automatic Wireless Network SelectionAttacking Automatic Wireless Network Selection
Attacking Automatic Wireless Network Selectionamiable_indian
 
Writing Secure Code – Threat Defense
Writing Secure Code – Threat DefenseWriting Secure Code – Threat Defense
Writing Secure Code – Threat Defenseamiable_indian
 
Anton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin on Honeypots
Anton Chuvakin on HoneypotsAnton Chuvakin
 
Windows network
Windows networkWindows network
Windows networkJithesh Nair
 
How to Hack WiFi on Windows
How to Hack WiFi on Windows How to Hack WiFi on Windows
How to Hack WiFi on Windows Vrushank Narola
 
Firewall
FirewallFirewall
FirewallManikyala Rao
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hackingPranshu Pareek
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEric Vanderburg
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksNortheast Ohio Information Security Forum
 
Firewall Essentials
Firewall EssentialsFirewall Essentials
Firewall EssentialsSylvain Maret
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay aliveqqlan
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeleyjoebeone
 
Denis Baranov: Root via XSS
Denis Baranov: Root via XSSDenis Baranov: Root via XSS
Denis Baranov: Root via XSSqqlan
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Cyber Security Alliance
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2ratnalajaggu
 
Exploiting WiFi Security
Exploiting WiFi Security Exploiting WiFi Security
Exploiting WiFi Security Hariraj Rathod
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSavvius, Inc
 
The New Landscape of Airborne Cyberattacks
The New Landscape of Airborne CyberattacksThe New Landscape of Airborne Cyberattacks
The New Landscape of Airborne CyberattacksPriyanka Aash
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 
101 run commands
101 run commands101 run commands
101 run commandsSunil Patel
 
Cyber Intelligence Operations Center
Cyber Intelligence Operations CenterCyber Intelligence Operations Center
Cyber Intelligence Operations CenterBill Ross
 

Weitere ähnliche Inhalte

Was ist angesagt?

Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Mandeep Jadon
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumerationleminhvuong
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewallsphanleson
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networksSahil Rai
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hackingPranshu Pareek
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityAhmad Yar
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEric Vanderburg
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay aliveqqlan
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeleyjoebeone
 
Denis Baranov: Root via XSS
Denis Baranov: Root via XSSDenis Baranov: Root via XSS
Denis Baranov: Root via XSSqqlan
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikPositive Hack Days
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Cyber Security Alliance
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2ratnalajaggu
 
Exploiting WiFi Security
Exploiting WiFi Security Exploiting WiFi Security
Exploiting WiFi Security Hariraj Rathod
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSavvius, Inc
 
The New Landscape of Airborne Cyberattacks
The New Landscape of Airborne CyberattacksThe New Landscape of Airborne Cyberattacks
The New Landscape of Airborne CyberattacksPriyanka Aash
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?Dmitry Evteev
 

Was ist angesagt? (20)

Firewall
FirewallFirewall
Firewall
 
Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)Hacking Wireless Networks : Null Delhi (November)
Hacking Wireless Networks : Null Delhi (November)
 
Module 4 Enumeration
Module 4 EnumerationModule 4 Enumeration
Module 4 Enumeration
 
Firewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth FirewallsFirewall - Network Defense in Depth Firewalls
Firewall - Network Defense in Depth Firewalls
 
Hacking wireless networks
Hacking wireless networksHacking wireless networks
Hacking wireless networks
 
Fundamentals of network hacking
Fundamentals of network hackingFundamentals of network hacking
Fundamentals of network hacking
 
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber SecurityHow Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
How Hack WiFi through Aircrack-ng in Kali Linux Cyber Security
 
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric VanderburgEthical hacking Chapter 7 - Enumeration - Eric Vanderburg
Ethical hacking Chapter 7 - Enumeration - Eric Vanderburg
 
Attacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise NetworksAttacking and Securing WPA Enterprise Networks
Attacking and Securing WPA Enterprise Networks
 
Firewall Essentials
Firewall EssentialsFirewall Essentials
Firewall Essentials
 
How to hack a telecom and stay alive
How to hack a telecom and stay aliveHow to hack a telecom and stay alive
How to hack a telecom and stay alive
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeley
 
Denis Baranov: Root via XSS
Denis Baranov: Root via XSSDenis Baranov: Root via XSS
Denis Baranov: Root via XSS
 
How to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey GordeychikHow to hack a telecommunication company and stay alive. Sergey Gordeychik
How to hack a telecommunication company and stay alive. Sergey Gordeychik
 
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100Create a-strong-two-factors-authentication-device-for-less-than-chf-100
Create a-strong-two-factors-authentication-device-for-less-than-chf-100
 
Security & ethical hacking p2
Security & ethical hacking p2Security & ethical hacking p2
Security & ethical hacking p2
 
Exploiting WiFi Security
Exploiting WiFi Security Exploiting WiFi Security
Exploiting WiFi Security
 
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network AttacksSecurity Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
 
The New Landscape of Airborne Cyberattacks
The New Landscape of Airborne CyberattacksThe New Landscape of Airborne Cyberattacks
The New Landscape of Airborne Cyberattacks
 
Penetration testing, What’s this?
Penetration testing, What’s this?Penetration testing, What’s this?
Penetration testing, What’s this?
 

Andere mochten auch

101 run commands
101 run commands101 run commands
101 run commandsSunil Patel
 
Cyber Intelligence Operations Center
Cyber Intelligence Operations CenterCyber Intelligence Operations Center
Cyber Intelligence Operations CenterBill Ross
 
Networking session-4-final by aravind.R
Networking session-4-final by aravind.RNetworking session-4-final by aravind.R
Networking session-4-final by aravind.RNavaneethan Naveen
 
Information gathering using windows command line utility
Information gathering using windows command line utilityInformation gathering using windows command line utility
Information gathering using windows command line utilityVishal Kumar
 
Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commonsamiable_indian
 
100+ run commands for windows
100+ run commands for windows 100+ run commands for windows
100+ run commands for windows Anand Garg
 
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_software
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_softwareUccn1003 -may10_-_lect02a_-_intro_to_networking_commands_software
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_softwareShu Shin
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 

Andere mochten auch (13)

101 run commands
101 run commands101 run commands
101 run commands
 
Cyber Intelligence Operations Center
Cyber Intelligence Operations CenterCyber Intelligence Operations Center
Cyber Intelligence Operations Center
 
1218 MVT
1218 MVT1218 MVT
1218 MVT
 
Trace route
Trace route Trace route
Trace route
 
Networking session-4-final by aravind.R
Networking session-4-final by aravind.RNetworking session-4-final by aravind.R
Networking session-4-final by aravind.R
 
Information gathering using windows command line utility
Information gathering using windows command line utilityInformation gathering using windows command line utility
Information gathering using windows command line utility
 
Phishing As Tragedy of the Commons
Phishing As Tragedy of the CommonsPhishing As Tragedy of the Commons
Phishing As Tragedy of the Commons
 
100+ run commands for windows
100+ run commands for windows 100+ run commands for windows
100+ run commands for windows
 
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_software
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_softwareUccn1003 -may10_-_lect02a_-_intro_to_networking_commands_software
Uccn1003 -may10_-_lect02a_-_intro_to_networking_commands_software
 
Windows network security
Windows network securityWindows network security
Windows network security
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Network security
Network securityNetwork security
Network security
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 

Ähnlich wie The Top 10/20 Internet Security Vulnerabilities – A Primer

Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII studentsAkiumi Hasegawa
 
The Media Access Control Address
The Media Access Control AddressThe Media Access Control Address
The Media Access Control AddressAngie Lee
 
Dev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityDev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityMario Heiderich
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9Geoff Pesimo
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for EveryoneNikhil Mittal
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threatsKishore Kumar
 
Two-For-One Talk: Malware Analysis for Everyone
Two-For-One Talk: Malware Analysis for EveryoneTwo-For-One Talk: Malware Analysis for Everyone
Two-For-One Talk: Malware Analysis for EveryonePaul Melson
 
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network SecurityHarish Chaudhary
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTDHRUV562167
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersSomyos U.
 
Layer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdfLayer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdfdistortdistort
 
Lab-10 Malware Creation and Denial of Service (DoS) In t.docx
Lab-10 Malware Creation and Denial of Service (DoS) In t.docxLab-10 Malware Creation and Denial of Service (DoS) In t.docx
Lab-10 Malware Creation and Denial of Service (DoS) In t.docxpauline234567
 

Ähnlich wie The Top 10/20 Internet Security Vulnerabilities – A Primer (20)

Hacking
HackingHacking
Hacking
 
Hacking
HackingHacking
Hacking
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII students
 
Hacking and its Defence
Hacking and its DefenceHacking and its Defence
Hacking and its Defence
 
Hacking tutorial
Hacking tutorialHacking tutorial
Hacking tutorial
 
Hacking In Detail
Hacking In DetailHacking In Detail
Hacking In Detail
 
The Media Access Control Address
The Media Access Control AddressThe Media Access Control Address
The Media Access Control Address
 
Dev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT SecurityDev and Blind - Attacking the weakest Link in IT Security
Dev and Blind - Attacking the weakest Link in IT Security
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Hacking 1224807880385377-9
Hacking 1224807880385377-9Hacking 1224807880385377-9
Hacking 1224807880385377-9
 
Teensy Programming for Everyone
Teensy Programming for EveryoneTeensy Programming for Everyone
Teensy Programming for Everyone
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Sembang2 Keselamatan It 2004
Sembang2 Keselamatan It 2004Sembang2 Keselamatan It 2004
Sembang2 Keselamatan It 2004
 
Recognizing security threats
Recognizing security threatsRecognizing security threats
Recognizing security threats
 
Two-For-One Talk: Malware Analysis for Everyone
Two-For-One Talk: Malware Analysis for EveryoneTwo-For-One Talk: Malware Analysis for Everyone
Two-For-One Talk: Malware Analysis for Everyone
 
01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security01_Metasploit - The Elixir of Network Security
01_Metasploit - The Elixir of Network Security
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
 
Event - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security PerimetersEvent - Internet Thailand - Total Security Perimeters
Event - Internet Thailand - Total Security Perimeters
 
Layer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdfLayer7-WebServices-Hacking-and-Hardening.pdf
Layer7-WebServices-Hacking-and-Hardening.pdf
 
Lab-10 Malware Creation and Denial of Service (DoS) In t.docx
Lab-10 Malware Creation and Denial of Service (DoS) In t.docxLab-10 Malware Creation and Denial of Service (DoS) In t.docx
Lab-10 Malware Creation and Denial of Service (DoS) In t.docx
 

Mehr von amiable_indian

Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art amiable_indian
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentestersamiable_indian
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Securityamiable_indian
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...amiable_indian
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CDamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in Indiaamiable_indian
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyamiable_indian
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Codingamiable_indian
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learnedamiable_indian
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissectedamiable_indian
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunityamiable_indian
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writersamiable_indian
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecuritiesamiable_indian
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentationamiable_indian
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualizationamiable_indian
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization amiable_indian
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Timeamiable_indian
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics? amiable_indian
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Tellingamiable_indian
 

Mehr von amiable_indian (20)

Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art Cisco IOS Attack & Defense - The State of the Art
Cisco IOS Attack & Defense - The State of the Art
 
Secrets of Top Pentesters
Secrets of Top PentestersSecrets of Top Pentesters
Secrets of Top Pentesters
 
Workshop on Wireless Security
Workshop on Wireless SecurityWorkshop on Wireless Security
Workshop on Wireless Security
 
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
Insecure Implementation of Security Best Practices: of hashing, CAPTCHA's and...
 
Workshop on BackTrack live CD
Workshop on BackTrack live CDWorkshop on BackTrack live CD
Workshop on BackTrack live CD
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
State of Cyber Law in India
State of Cyber Law in IndiaState of Cyber Law in India
State of Cyber Law in India
 
AntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the uglyAntiSpam - Understanding the good, the bad and the ugly
AntiSpam - Understanding the good, the bad and the ugly
 
Reverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure CodingReverse Engineering v/s Secure Coding
Reverse Engineering v/s Secure Coding
 
Network Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons LearnedNetwork Vulnerability Assessments: Lessons Learned
Network Vulnerability Assessments: Lessons Learned
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Immune IT: Moving from Security to Immunity
Immune IT: Moving from Security to ImmunityImmune IT: Moving from Security to Immunity
Immune IT: Moving from Security to Immunity
 
Reverse Engineering for exploit writers
Reverse Engineering for exploit writersReverse Engineering for exploit writers
Reverse Engineering for exploit writers
 
Hacking Client Side Insecurities
Hacking Client Side InsecuritiesHacking Client Side Insecurities
Hacking Client Side Insecurities
 
Web Exploit Finder Presentation
Web Exploit Finder PresentationWeb Exploit Finder Presentation
Web Exploit Finder Presentation
 
Network Security Data Visualization
Network Security Data VisualizationNetwork Security Data Visualization
Network Security Data Visualization
 
Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization Enhancing Computer Security via End-to-End Communication Visualization
Enhancing Computer Security via End-to-End Communication Visualization
 
Top Network Vulnerabilities Over Time
Top Network Vulnerabilities Over TimeTop Network Vulnerabilities Over Time
Top Network Vulnerabilities Over Time
 
What are the Business Security Metrics?
What are the Business Security Metrics? What are the Business Security Metrics?
What are the Business Security Metrics?
 
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-TellingNo Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling
 

Kürzlich hochgeladen

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 

Kürzlich hochgeladen (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 

The Top 10/20 Internet Security Vulnerabilities – A Primer

  • 1. The Top 10/20 Internet Security Vulnerabilities – A Primer Randy Marchany VA Tech Computing Center The SANS Institute COVITS 2000
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15.
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40. The SANS/FBI Top 20 List If we had fixed the top 10, there wouldn’t be a top 20. 
  • 41.
  • 42.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75.
  • 76.
  • 77.
  • 78.
  • 79.
  • 80.
  • 81.
  • 82.