Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft Patch Tuesday Roundup - February 2011

And the race is on to apply patches to the Microsoft Windows systems in your environment! One of the bulletins this month, MS011-04, fixes remotely exploitable issues in the IIS FTP service. To me, FTP falls in the same category as Telnet, which is "You should be using SSH instead". Despite the lack of security that FTP offers, it still appears to be wildly popular decades later. I performed some searches using "SHODAN", "The Computer Search Engine", which scours the Internet looking for open ports, services and banners. I told it to find systems with port 21 (FTP) open and got the following results:

  • United States: 27,355
  • China: 15,341
  • India: 11,122
  • Egypt: 10,476
  • Thailand: 10,068


I then told it to find the systems known to be running SSH (port 22):

  • United States: 21,484
  • Germany: 2,458
  • France: 904
  • United Kingdom: 893
  • Japan: 751

Could it be that FTP is more popular than SSH? Wow, not only do we have patches to apply, but it seems we've got some protocols to replace/update as well. Just in case you were wondering, here are the results for Telnet (port 23):

  • United States: 363,931
  • Korea, Republic of: 340,240
  • China: 225,079
  • Brazil: 99,653
  • Italy: 58,918

My guess is that SHODAN is doing more intensive scanning for Telnet than SSH or FTP protocols. Even if the above numbers are just samples of even small to medium numbers of systems, we've still got a lot of systems that are using these older protocols. Why does this matter? First, protocols that send credentials and data in clear text have a very limited use, if any, for transmitting information across the network as they do not offer confidentiality or integrity of the data. Second, the fewer services you run and expose to the Internet, the better off you are with respects to patching. You may be reading this and thinking, "Yes, but I'm not running these services". My question to you is, “When was the last time you checked?” There are obviously more than a few systems out there still running FTP and Telnet.

To further aid in your efforts to evaluate the dangers of the vulnerabilities addressed by Microsoft’s Patch Tuesday, Tenable's Research team has published plugins for each of the security bulletins issued this month:

Resources