F

FakeGina trojan, 165

.far files, 196, 248

Fast User Switching Compatibility service, 271

.fav files, 197

Favorites list files, 197

Fax Service, 272

FBI, 2004 Computer Crime and Security Survey by, 5

Federal Information Processing Standards (FIPS), 464–465

FEK (File Encryption Key), 464–465

File Archive File Format files, 194

File Archive files, 194

file associations

hidden, 212

high-risk, blocking, 247–249

permission to change, 250–251

in registry, 231–235

vulnerabilities of, 30, 38, 39, 203, 243

in Windows Explorer, 235

file attachments

blocking, 398–401

malicious, 391–392

File Encryption Key (FEK), 464–465

file execution attacks, 361–362

The File Extension Source, 203

file extensions, hidden, 32–33

File Replication Service

definition of, 272

Replicator group for, 110

Windows version comparisons for, 288

File Service for Macintosh, 284

file sharing

of EFS-protected files, 466–467

Simple File Sharing, 131

file system settings, group policy, 513–514

File Transfer Protocol (FTP), for IIS, 445

FileMon utility (Sysinternals), 240, 292, 425

files. See also specific files

assigning permissions to, 97–99

buffer overflow attacks on, 191

decrypting with EFS, 461

default permission settings for, 132–135

defending against attacks of, 218–225

downloading, IE settings for, 370, 376

encrypting

with Cipher.exe, 461

with EFS, 460–461

high-risk files

ADS (Alternate Data Streams), 214–216

auditing for, 224–225

blocking, 225

configuration files, 193

Debug.exe program as, 189, 190

definition of, 189–191

file type mismatches, 192

flawed by design, 191–192

flaws allowing misuse of, 192–193

list of, by type, 193–203, 247–249

with magic names, 193

MIME type mismatches, 214, 363

naming tricks used on, 211–214

NTFS permissions for, 218–221

SRP for, 221–224

unused applications, 217

updating patches for, 225

Windows files, list of, 204–211

ownership of, 502

permissions for, list of, 123–126

unusual names for, malware using, 31–32

filtering, anti-spam software using, 412–413

fingerprinting, 9, 413

FIPS (Federal Information Processing Standards), 464–465

Firefox browser

exploitations of, 52–53, 350

security statistics for, 351–352

firewall ports for IPSec, 318–319

firewalls

bypassing defenses of, 321

failure of, assuming, 55

host-based firewall, 65–68, 439

firmware environment values, modifying, 501

Flash.ocx file, 353

floppy access, security options for, 504

Flush.D trojan, 49

folders. See also specific folders

assigning permissions to, 97–99

decrypting with EFS, 461

default permission settings for, 132–135

encrypting with EFS, 460–461

installing software to non-default folders, 76

permissions for, list of, 123–126

Share permissions for, 119–121

unusual names for, malware using, 31–32

"Follow the Bouncing Malware" article, 19

ForceSQL program, 165

Foreign Security Principals OU, 520

forest root domain, in Active Directory, 522

forest trusts, 522

forests, in Active Directory, 521

Fp11.adm template, 516

fraudulent e-mail. See phishing attacks

FrontPage 2002 Server Extensions, for IIS, 445, 449

FSMO (Forest Single Master Operations) roles, 523–524

FTP (File Transfer Protocol), for IIS, 445

FTP Publishing Service, 284

ftp URI handler, 250

Full Control permission

avoiding use of, 136

definition of, 119–121, 124, 126, 127

for GPOs (group policy objects), 534

improperly configured, 16

registry keys, 241

Fully Managed policies, 486