Systems installed in default configurations often include many unnecessary services that are configured automatically. These provide many potential avenues for unauthorized access to a system or network. Many services have known vulnerabilities that require specific actions to make them more secure or that might be used to simply impair system function by causing additional processing overhead.
Common default-configuration exploits include services, such as anonymous-access FTP servers, as well as network protocols, such as the Simple Network Management Protocol (SNMP).
|