No exam life insurance Online casino slot Football prediction Cialis sale Tenuate diet pill Buy clomid Pharmacies Buy acyclovir State Phentermine buy online Buy cheap propecia today Tramadol cheap Get phentermine Anesthesia Physical therapy Yasmin Buy adipex p Toyota Buy diazepam Bingo Trading Psychiatry No deposit casino Food Discount meridia Cialis order Car Get tramadol Slot machine Buy valium online Cheap airline Adoption agencies Clothing Send flowers Discount viagra Get viagra Virus and spyware protection Buy viagra cheap Redtube Cardiology Tramadol image Tramadol hcl Betting High stakes poker Inventory software Craigslist Medical transcriptionist Generic viagra cheap Clonazepam Online casino game Life insurance quote County Myspace Flomax Generic amoxicillin Blood Pressure Phentermine to fla Sildenafil vardenafil Tramadol 50mg Phones 
Home > IT, Security > Has SANS Top 20 Lost All Meaning?

Has SANS Top 20 Lost All Meaning?

November 28th, 2007
Goto comments Leave a comment

I'm not going to give an answer to that... but I want everyone to think about it. As most people have read by now, the SANS Top-20 2007 list has been published.

The list this year contains the following:

  1. C1. Web Browsers
  2. C2. Office Software
  3. C3. Email Clients
  4. C4. Media Players
  5. S1. Web Applications
  6. S2. Windows Services
  7. S3. UNIX and Mac OS Services
  8. S4. Backup Software
  9. S5. Anti-virus Software
  10. S6. Management Software
  11. S7. Database Software
  12. H1. Excessive User Rights and Unauthorized Devices
  13. H2. Phishing / Spear Phishing
  14. H3. Unencrypted Laptops and Removable Media
  15. A1. Instant Messaging
  16. A2. Peer-to-Peer Programs
  17. N1. VoIP Servers and Phones
  18. Z1. Zero Day Attacks

Now take a look at past year's lists [2000, 2001, 2002]. The lists were somewhat specific... they gave you specific pieces of software, or enterprise 'security issues' (failure to properly backup, failure to properly log) that were of a concern. This year, we're presented with 18 categories (that's right... the top 20 contains 18 categories) that are almost as generic as you can get. This years SANS Top-20 List contains 257 unique CVEs... and that doesn't include the fact that they have included configuration sections that don't include any CVEs. Someone made the comment that next year they will release the "SANS Number #1" and the single entry will be "Computer". They are starting to get pretty close. The fix will probably be "Unplug the computer".

So if you're in an enterprise... how can you find any meaning in the SANS Top 20... they've essentially told you that users are stupid and that every piece of software you have deployed is flawed. It seems to me that calc.exe is safe... and perhaps sol.exe but nearly *everything* else fits into one of those categories. There are actually some well respected individuals on the team that composed the SANS Top 20... people that I would not normally associate with this sort of drivel... but really that's what this has become... I almost want to call it a 'FUD Missile'. It's telling me that all backup software is vulnerable, all AV software is vulnerable... my web browser is vulnerable.. my IM and Media Players are vulnerable... Yet they somehow let network infrastructure off the list. DNS Rebinding has been fairly popular this year, yet DNS isn't listed... it's mentioned twice in the entire report... once under phishing / spear phishing... and once under 0-days for the Windows DNS 0-day. They don't even mention DNS Rebinding as an issue... the phishing section says, "While they leverage flaws in browsers, email systems, and DNS, they do so only to enhance the appearance of legitimacy"

So my question... Do people out there still find meaning in the SANS Top 20? Has it outlived it's usefulness?

IT, Security

allied pickfords; Allis Chalmers G back acne treatment adverse reactions bactrim Botox Cream aspirin skin rash allergy Allergy Symptons food allergy recipes? georgia accutane lawyers San Jose Botox bactrim used for! ibuprofen allergy Infant Allergies botox for migraine allergies and vertigo Botox Treatment Houston amoxicillin dose; cheapest ativan online? Ambien No Prescription botox ads amlactin lotion, Abilify botox parties australia nut allergies! Acne Natural Treatment buying adderall online

budesonide

Sulfa Drug Allergy botox houston, allied bolt Bisacodyl Suppository allegra horse feed! dogs with allergies Alli Diet Aid arkansas botox law bicalutamide What Is Amitriptyline allergies and dogs allergies and dogs Fiat Allis Dozer fiat allis 21c boxer dogs allergies
Treating Dog Allergies

botox treatment

dog aspirin Alli Diet Plan blueberry allergy allegra cole Metal Allergy astelin 160 advair discus Blueberry Allergy allied interstate inc? bactroban Allegra amoxicillin dose; buy botox online Antara Del Barrio

arsenic symptoms

Allied healthcare arkansas botox 928. Albuterol Be Harmful allegra bonfiglio; iodine allergy symptoms Busty Alli back acne treatment adverse reactions bactrim Cheap Ambien aspirin skin rash allergy Accutane 4 Mg food allergy recipes? armour thyroid medication Botox Singapore bactrim used for! ibuprofen allergy Red Beet Betaine botox for migraine allergies and vertigo Allied Wheel amoxicillin dose; new mexico botox; Traverse City Botox botox ads amlactin lotion, Flea Allergy Dermatitis botox parties australia nut allergies! Allergys buying adderall online budesonide Ft Worth Botox botox houston, allergy remedy Mold Allergy allegra horse feed! dogs with allergies Allied Uk arkansas botox law bicalutamide Aleve During Pregnancy allergies and dogs allergies and dogs Treatment Of Acne fiat allis 21c goodyear allegra Coffee Allergy botox treatment bevacizumab Accutane blueberry allergy allegra cole Biaxin Antibiotic astelin 160 advair discus Biotin Hair Growth allied interstate inc? bactroban Arkansas Botox Law amoxicillin dose;

buy botox online

Botox Tv Commercials arsenic symptoms Allied healthcare arkansas botox 928. Butorphanol Tartrate allegra bonfiglio; iodine allergy symptoms Acne Treatments Mannatech back acne treatment adverse reactions bactrim Bumex aspirin skin rash allergy Ambien Online food allergy recipes? georgia accutane lawyers Ambien Abuse bactrim used for! flour allergy Ambien Vs Lunesta botox for migraine allergies and vertigo Canine Aspirin amoxicillin dose; cheapest ativan online? Alavert D botox ads amlactin lotion, Adenosine botox parties australia nut allergies! Seafood Allergy buying adderall online budesonide Oral Allergy Syndrome botox houston, allergy remedy Allied Tube allegra horse feed! ambien without prescription Mango Allergy arkansas botox law bicalutamide Bactrim No Prescription allergies and dogs allergies and dogs Foreign Alprazolam fiat allis 21c goodyear allegra Aerobid botox treatment bevacizumab Botox Marketing blueberry allergy allegra cole Durham Botox astelin 160 advair discus Allis Chalmers Forklift allied interstate inc? bisacodyl; Allerx Df amoxicillin dose; buy botox online Amoxicillin Dose

arsenic symptoms

Allied healthcare arkansas botox 928. Generic Advair
allegra bonfiglio;
allied health care Skin Allergies Itching back acne treatment adverse reactions bactrim Baclofen aspirin skin rash allergy Adderall Tic Treatment food allergy recipes? georgia accutane lawyers Allergy Biodiesel Kit bactrim used for! ibuprofen allergy Ambien 10mg Ambien

botox for migraine

allied tool company Organizacion Eventos Actos amoxicillin dose; cheapest ativan online? Botox Print Ads botox ads amlactin lotion, Asthma And Allergies botox parties australia san jose botox Allis Chalmers Decals buying adderall online budesonide Adderall Addiction botox houston, allergy remedy Allied Pickfords allegra horse feed! dogs with allergies Amoxicillin Insert arkansas botox law bicalutamide Citric Acid Allergy allergies and dogs allergies and dogs Alesse Birth Control fiat allis 21c goodyear allegra Alora Leath botox treatment bevacizumab Aspirin Addiction blueberry allergy allegra cole Ambien Overdose astelin 160 advair discus Adalat Cc allied interstate inc? bisacodyl; Allergy Tests amoxicillin dose; buy botox online Ambien Memory Loss arsenic symptoms wheat allergy symptoms, Alkeran allegra bonfiglio; iodine allergy symptoms Betamethasone Cream back acne treatment adverse reactions bactrim Cerebral Palsy Botox aspirin skin rash allergy Allied Healthcare Products food allergy recipes? georgia accutane lawyers Adderall Rx bactrim used for! ibuprofen allergy Acne Treatment Product botox for migraine allergies and vertigo Alli Sims amoxicillin dose; cheapest ativan online? Better Than Botox botox ads amlactin lotion, Natural Allergy Remedies botox parties australia nut allergies! Actonel 75mg buying adderall online budesonide Allergy Report botox houston, allergy remedy New Mexico Botox allegra horse feed! dogs with allergies Egg Allergies arkansas botox law bicalutamide Allied Moving allergies and dogs allergies and dogs Botox Cosmetic Texas fiat allis 21c goodyear allegra Acne Alternative Treatment
botox treatment new york botox! Allergy Hives blueberry allergy allegra cole Actos For Diabetes astelin 160 advair discus Arsenic Filters allied interstate inc? bactroban Amoxicillin Allergy amoxicillin dose; buy botox online Dallas Botox arsenic symptoms wheat allergy symptoms, Arsenic Symptoms allegra bonfiglio; iodine allergy symptoms Cuisine Americaine back acne treatment adverse reactions bactrim Allis Chalmers 5050 aspirin skin rash allergy Amyl Nitrite food allergy recipes? georgia accutane lawyers Wc Allis Chalmers bactrim used for! ibuprofen allergy

Milk Protein Allergy

botox for migraine allergies blackberry Utah Botox amoxicillin dose; cheapest ativan online? Actos Medication botox ads amlactin lotion, Avelox Antibiotic botox parties australia nut allergies! Atrovent Nasal Spray buying adderall online budesonide Prescription Acne Treatment botox houston, allergy remedy Ambien Mexico allegra horse feed! dogs with allergies Antabuse arkansas botox law bicalutamide Bontril 105 allergies and dogs allergies and dogs Carpet Allergies fiat allis 21c goodyear allegra Ambien Taper botox treatment bevacizumab Treatment For Acne blueberry allergy allegra cole Niacin Allergies astelin 160 advair discus Herbal Acne Treatment allied interstate inc? bisacodyl; Buy Adderall Online amoxicillin dose; buy botox online Bontril Purchase arsenic symptoms wheat allergy symptoms,
Exposed Acne Treatment
allegra bonfiglio; allied health care Dog Allergy Medicine back acne treatment adverse reactions bactrim Snorting Adderall aspirin skin rash allergy Buspirone For Cats food allergy recipes? georgia accutane lawyers Augmentin 875 bactrim used for! ibuprofen allergy Dog Arthritis Aspirin botox for migraine allergies and vertigo Allergy Buyers Club amoxicillin dose;

new mexico botox;

Butorphanol botox ads allergy to penicillin Natural Allergy Relief botox parties australia san jose botox Georgia Accutane Lawsuits
buying adderall online
hives skin allergies Flour Allergy botox houston, allergy remedy Allied Systems allegra horse feed! dogs with allergies Dogs With Allergies arkansas botox law bicalutamide Allied Barton allergies and dogs allergies masks Allergy Forecast fiat allis 21c boxer dogs allergies Atorvastatin botox treatment bevacizumab Botox Results blueberry allergy