Re: Ten least secure programs

[compguruman () mail comcast net]

Heres my $0.02:
Well i would list wireless networking as #1.  At least for now until we 
start seeing new standards come out that really start addressing 
security.  Also ASP should be on their.  mostly because of configuration 
errors allowing users to run arbitrary code.  IPv4 should be on there 
too.  Oh, and network HP printers if that counts :).

At 03:08 PM 6/28/2003 -0700, Chris Berry wrote:
> I'm putting together a list of what seem to be the ten least secure 
> computer items in use today with the idea of having a set of things to 
> recommend AGAINST people using, probably to be posted on the IT room door 
> with a note like "NO, you cannot use the following!!".  Here is what I 
> have so far, I'm looking for additions and comments.  The list is in order 
> from with the worst offender being number one.  These should be products 
> whose inheirent design is flawed, not that are just difficult to 
> secure.  I expect vigorous discussion. *putting on flame retardent 
> garments*  Oh, and leave Operating systems out of this one.
>
> 1) Microsoft Outlook
> 2) Telnet
> 3) Sendmail
> 4) IIS Server
> 5) Wireless networking
> 6) PHP
> 7) ?
> 8) ?
> 9) ?
> 10) ?
>
> Chris Berry
> compjma () hotmail com
> Systems Administrator
> JM Associates
>
> "Within every man beats a heart of darkness." --The Shadow



---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
    
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
         
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------