Vulnerable web servers top the Internet security risks
The SANS Institute has published a list of the top 20 internet
security vulnerabilities found in the first quarter of this
year, warning that if these are not corrected, computer owners
face an increased risk of handing control of their computers
to hackers.
SANS stands for SysAdmin, Audit, Network, Security. The Institute,
based in Maryland, is a leading source for information security
training and certification. Its latest research was compiled
with a team of experts from industry and government. Together
they found over 600 new vulnerabilities.
These included flaws found in both Windows and UNIX products,
anti-virus products from Symantec, F-Secure, TrendMicro and
McAfee and in RealPlayer, iTunes and WinAmp Media Players.
The top vulnerability in Windows systems was in the default
installation of web servers and additional components for
web services that expose organisations to denial of service
attacks and data theft.
For UNIX systems, the top vulnerability was in the Berkeley
Internet Name Domain (BIND) package, the world's most widely
used implementation of the Domain Name Service, or DNS, the
system that converts names such as OUT-LAW.COM into a corresponding
IP address.
According to the SANS Institute, too many DNS servers are
outdated or mis-configured - and therefore vulnerable, not
just to denial of service attacks, but also to DNS cache poisoning.
With such poisoning, internet users entering the correct address
for their bank's web site can unwittingly be directed to a
hacker-controlled web site.
The SANS Institute warned:
"Individuals and organisations that do not correct these
problems face a heightened threat that remote, unauthorised
hackers will take control of their computers and use them
for identity theft, for industrial espionage, or for distributing
spam or pornography."
The list, which is normally published annually, will now be
revised on a quarterly basis to reflect the ever-changing
nature of internet threats.