For those that are interested in how the SANS 2003 Top 20 List compares to the SANS 2004 Top 20 List we are providing the links to both lists here.

SANS Top 20 for 2003
http://www.sans.org/top20/top20_oct03.php">http://www.sans.org/top20/top20_oct03.php

SANS Top 20 for 2004
http://www.sans.org/top20
Microsoft ASP.NET ValidatePath Module

Microsoft is currently investigating a reported vulnerability affecting ASP.NET that could allow an attacker to send a specially-formed URL request that could result in the system bypassing authentication and disclosing content.

http://www.microsoft.com/downloads/details.aspx?familyid=da77b852-dfa0-4631-aaf9-8bcc6c743026&displaylang=en
IRC Botnet Servers
It has been a pretty quiet day on the Internet all in all. We are still receiving many reports of W32.Spybot.Worm and GAOBOT infections. We would be interested in hearing from people that are battling this worm, what are you seeing, what files have you found that are affected, what has the impact been on your organization? I will try to take the information that we receive and do an overview of the information we receive in a future Diary.
Handler On Duty
Deb Hale