SANS Top-20 Internet Security Attack Targets (2006 Annual Update)

SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
http://www.sans.org/top20/?ref=1814



Operating Systems
W1. Internet Explorer
W2. Windows Libraries
W3. Microsoft Office
W4. Windows Services
W5. Windows Configuration Weaknesses
M1. Mac OS X
U1. UNIX Configuration Weaknesses

Cross-Platform Applications
C1 Web Applications
C2. Database Software
C3. P2P File Sharing Applications
C4 Instant Messaging
C5. Media Players
C6. DNS Servers
C7. Backup Software
C8. Security, Enterprise, and Directory Management Servers Network Devices
N1. VoIP Servers and Phones
N2. Network and Other Devices Common Configuration Weaknesses

Security Policy and Personnel
H1. Excessive User Rights and Unauthorized Devices
H2. Users (Phishing/Spear Phishing)

Special Section
Z1. Zero Day Attacks and Prevention Strategies