Networking FastFacts

FastFacts on network vulnerabilities

Each year brings with it new and malicious viruses, worms and other threats to the world of IT. And each year, the SANS Institute publishes its "Top 20 Internet Security Vulnerabilities." In this edition of Networking FastFacts, we've highlighted those vulnerabilities on the SANS list that pose the most damage to enterprise networks.

Internet Explorer

As the most widely used browser on earth, it is no surprise that hackers and other nefarious types have found numerous ways to breach Internet Explorer's security features. According to SANS, the most common threats to IE include memory corruption, phishing attacks and "execution of arbitrary scripts." Fortunately, Microsoft routinely releases security patches to reign in these threats. Unfortunately, this sometimes doesn't happen until after the damage has been done.

More information from

    Requires Free Membership to View

Is a U.S. Internet blackout possible?
- Internet Explorer 7: Browsing and security enhancements

Cisco IOS routers and switches

Cisco's Internetwork Operating System routers and switches provide the backbone for nearly 85% of the Internet, according to SANS, making them a prime target for attack. While generally considered safe and secure, a number of vulnerabilities have been highlighted in the last year that can open the door to DoS and other attacks on enterprise networks that use Cisco IOS gear. Cisco, like Microsoft, publishes security alerts when a specific threat is found and SANS suggests that enterprises apply access lists on all interfaces and disable unnecessary features on its routers and switches to keep attacks at bay.

More information from
- New Cisco security strategy targets elusive threats
- Cisco stamps patches on timestamp flaws

CheckPoint, Symantec and Juniper gear

According to the SANS Institute, there are a number of vulnerabilities that could affect Juniper's operating system, JunOS, as well CheckPoint and Symantec VPN and firewalls. These vulnerabilities, it says, can be exploited "to reboot Juniper routers and compromise the Symantec and CheckPoint Firewall/VPN devices." The best way to protect enterprise networks from such attacks, says SANS, is to be sure to upgrade to the latest version of JunOS and run the patches released by CheckPoint and Symantec as soon as they become available.

More information from
- Juniper brings in the Funk for tighter security
- Major flaw affects multiple Symantec products

For the complete "Top 20 Internet Security Vulnerabilities," please visit the SANS Institute's Web site.

This was first published in December 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: