Learning Objectives
Background
One of the most popular and trusted sites related to defending against
computer and network security
Threats is SANS. SANS stands for SysAdmin, Audit, Network, Security.
SANS contains several components, each a major contributor to
information security. For additional information about the SANS site, go
to http: //www.sans.org/, and select items from the Resources menu.
How can a corporate security administrator quickly identify security
threats? SANS and the FBI have compiled their list of the top 20 Internet
Security Attack Targets at http://www.sans.org/top20/. The list is
regularly updated with information formatted by:
Scenario
CCNA Exploration
Network Fundamentals:
Living in a Network-Centric World Activity 1.4.5 Identifying Top Security
Vulnerabilities
All contents are Copyright © 1992–2007 Cisco Systems, Inc. All rights
reserved. This document is Cisco Public Information. Page 2 of 4
Task 1: Locate the SANS Resources.
N1. VoIP Servers and Phones
N2. Network and Other Devices Common Configuration Weaknesses
The last line under several topics references Common Vulnerability Exposure
(CVE). The CVE name is linked to the National Institute of Standards and
Technology (NIST) National Vulnerability Database (NVD), sponsored by the
Department of Homeland Security (DHS) National Cyber Security Division and US
CERT, which contains information about the vulnerability.
CCNA Exploration
Network Fundamentals:
Living in a NetworkCentric World Activity 1.4.5 Identifying Top Security
Vulnerabilities
Rta:
Note that the latest cumulative update for Internet Explorer includes all the previous cumulative updates.
Also note that MS07-017 does not list vulnerabilities in Internet Explorer; however, the most common avenue
of exploitation is via Internet Explorer.
C1.2 Operating Systems Affected
While in theory any web browser on any operating system is vulnerable, the most common web browsers will
tend to be targeted most by attackers. The two most popular web browsers on the Internet today are
Microsoft Internet Explorer and Mozilla Firefox.
Internet Explorer 5.x, 6.x and 7 running on all versions of Windows are affected
Firefox running on any version of compatible operating systems is potentially vulnerable.
As plug-ins are generally used to enable access to third party file formats, many plug-in vulnerabilities apply
to all compatible browsers on all operating systems. Any web browser running on any version of any
operating system is potentially vulnerable.
Original release date: 2/13/2007
Last revised: 5/16/2007
Source: USCERT/NIST
Overview:
__
Microsoft Internet_Explorer 5.01, 6 y 7 usan objetos COM de Imjpcksid.dll como
Activex Controls, el cual permite a los intrusos ejecutar vías desconocidas
arbitrariamente.
CVSS Severity: (Version 2.0):
Base Score: 9.3 (High)
Range: 8.6
Authentication: No requiere expansión
Impact Type: Proporciona permiso de administrador, permite completa
confiabilidad, integridad y violación disponible, permite acercamiento de la
información no autorizada, permite interrupción del servicio.
The next heading contains links with information about the vulnerability and
possible solutions.
Step 4: Using the hyperlinks, write a brief description of the
solution as found on those pages.
Rta/: Aplicar actualizaciones de Microsoft con los boletines de seguridad , a la vez
estos paquetes actualizados se adquieren desde los sistemas de distribución de
los servicios actualizados de los servidores de Windows ( WSUS).
CCNA Exploration
Network Fundamentals:
Living in a NetworkCentric World Activity 1.4.5 Identifying Top Security
Vulnerabilities
Task 4: Reflection
The number of vulnerabilities to computers, networks, and data continues to
increase. The governments have dedicated significant resources to coordinating
and disseminating information about the vulnerability and possible solutions. It
remains the responsibility of the end user to implement the solution. Think of
Ways that users can help strengthen security. Think about user habits that create
security risks.
Rta/:
• Mantener actualizado el equipo.
• Descargar archivos de paginas confiables.
• Instalar Software originales.
• Activar las actualizaciones internas del sistema operativo (firewall, scan
diario, antivirus actualizado).
• Manejar el Parental Control.
Task 5: Challenge
Try to identify an organization that will meet with us to explain how vulnerabilities
are tracked and solutions applied. Finding an organization willing to do this may be
difficult, for security reasons, but will benefits students, who will learn how
vulnerability mitigation is accomplished in the world. It will also give representatives
of the organization an opportunity to meet the class and conduct informal intern
interviews.