Step 5
Software vulnerabilities:
This is an endless discussion amongst a lot of people as to what software is the best for the task.
As an example, many would argue over which is better or safer to use: sendmail or qmail, proftpd or wu-ftpd,
ipop3d or qpopper, and so on.
I'm not going to start a debate about which software you use, or tell you that you should use something else because
I feel it's more secure or better software than what you use. I will tell you that ALL software
is subject to vulnerabilities and therefore subject to exploitation. There are no exceptions to this rule, period.
It doesn't matter what anyone tells you: programs are written by humans, are subject to human error, and are
therefore subject to possible vulnerabilities.
No matter what software you use, you want to protect yourself from vulnerabilities. The key to this is to find
a good source of known vulnerabilities and continuously check back for new vulnerabilities. This is a never-ending
task and one of the reasons that computer security is such a consuming job. One such resource for software
vulnerabilities is Security Focus. What you want to do is keep your
software up to date with the latest revisions and patches. Remember there are 2 main reasons to release a new
version of software: 1) to add or fix features in the software, and 2) to fix bugs, vulnerabilities, and exploits.
My judgement of good software is not how many bugs, vulnerabilities, or exploits it has had, but how rapidly these
are repaired to prevent future use of them. If a vulnerability or bug is revealed in software and it is repaired
in a timely manner to prevent future problems with the software, then that is the type of software you want to use.
You don't want software whose developers take their time in fixing it, because you're open to a vulnerability that has
now been discovered and that everyone knows about. As an admin you look to resources such as Security Focus to maintain
security in your system, but never forget the bad guy is watching the exact same thing so that he can find new ways to
penetrate your security measures.