The majority of all exploits take advantage of some very common vulnerabilities in widely used software. The SANS Institute along with the FBI have created and maintained what is known as the SANS Top 20 list for five years now.

The SANS Top-20 2004 is actually two Top Ten lists: the ten most commonly exploited vulnerable services in Windows and the ten most commonly exploited elements in UNIX and Linux environments. Although there are thousands of security incidents each year affecting these operating systems, the overwhelming majority of successful attacks target one or more of these twenty vulnerable services. This list is the result of a process that brought together dozens of leading security experts. They come from the most security-conscious government agencies in the UK, US, and Singapore; the leading security software vendors and consulting firms; the top university-based security programs; many other user organizations; and the SANS Institute.

Many of these exploits are enabled by default on computers and need to be addressed. This is particularly inportant for Windows users running a web server, SQL database, or File and Print Sharing. We recommend that users click through the list below and read about these system weaknesses. Users can then follow the guidlines to secure these services.

• Web Servers & Services
• Workstation Service
• Windows Remote Access Services
• Microsoft SQL Server (MSSQL)
• Windows Authentication
• Web Browsers
• File-Sharing Applications
• LSAS Exposures
• Mail Client
• Instant Messaging

• BIND Domain Name System
• Web Servers
• Authentication
• Version Control Systems
• Mail Transport Service
• Simple Network Management Protocol (SNMP)
• Open Secure Sockets Layer (SSL)
• Misconfiguration of Enterprise Services NIS/NFS
• Databases
• Kernel