Appendix E – RouteFinder Maintenance
Multi-Tech Systems, Inc. RouteFinderVPN RF760/660/600VPN User Guide (PN S000323D)
159
Updating
This involves keeping both yourself and your RouteFinder abreast of new bugs, new attacks and new patches, new
tools and resources, etc. Much of the RouteFinder updating effort can be done automatically (refer to the
Tracking >
Update Service
section in Chapter 3). Administrators can keep themselves current with mailing lists, news groups,
security forums, etc. (Refer to the section on Pre-Installation Planning in Chapter 2 of this manual for additional sources
of information).
The SANS Institute and the National Infrastructure Protection Center (NIPC) produced a document summarizing the
Twenty Most Critical Internet Security Vulnerabilities. Thousands of organizations use the list to prioritize their efforts so
they could close the most dangerous holes first. It is segmented into three categories: General Vulnerabilities, Windows
Vulnerabilities, and Unix Vulnerabilities. The SANS/FBI Top Twenty list is valuable because the majority of successful
attacks on computer systems via the Internet can be traced to exploitation of security flaws on this list. While manually
checking a system for each of the listed vulnerabilities is possible, a more practical way to find UNIX and Windows
vulnerabilities is to use an automated scanner.
Bob Todd, the author of the free Internet scanner SARA, created a version of SARA that finds and reports on the status
of the SANS/FBI Top Twenty list. SARA’s Top Twenty Vulnerability scanner is available from the Center for Internet
Security (
www.cisecurity.org
). You can download a copy from this site.
Several commercial vulnerability scanners may also be used to scan for these vulnerabilities, and the SANS Institute
maintains a list of all scanners that provide a focused Top Twenty scanning function at
www.sans.org
.