W


Wallz worm, 45

war dialing, 8–9

War Games movie, 8–9

.wbk files, 202

Web Element Manager service, 287

Web Manager tool, IIS, 428

Web Server Edition, IIS, 420

web service extensions, IIS, 436, 448–449

web site resources

Ad-Aware (Lavasoft), 70

about Administrative template creation, 517

Advanced Windows Password Recovery program, 181

about anti-phishing and anti-spoofing, 357

Anti-Phishing Workgroup, 5

Austrumi, 163

Automatic Updates, 65

Autoruns program (Sysinternals), 256

Barracuda Spam Firewall, 69

Beagle.AV worm, 195, 200, 391

BeatLM program, 168

Bookmarker trojan, 41

Bropia trojan, 34

browser security statistics, 351

browser test sites, 365

Brutus program, 164

Cachedump utility, 176

Cain & Abel program, 16, 166

Carnegie Mellon University CERT Coordination Center, 51

CastleCops' listing of ActiveX controls, 335

CipherTrust, zombie nets tracked by, 13–14

ClearCredCache program, 179

The Complete Patch Management Book (Bradley, Susan and Anne Stanton), 64

CoolWeb Search Adware, 40

CredDump program, 180

about cross-site scripting, 357

Daqa trojan, 73

Define virus, 12

Dell Computers, survey by, 6

denial-of-service attack, account of (Gibson), 15

DES and DESX comparison, 464

EBCD-Emergency Boot CD, 163

about EFS, 478

Elk Cloner virus, 12

exploit research, 9

FakeGina trojan, 165

The File Extension Source, 203

FileMon utility (Sysinternals), 240

fingerprinting tools, 9

Firefox browser, 350

firewalls, 68

ForceSQL program, 165

Gartner Research report, November 2004, 9

"The Great Password Debates: Pass Phrases vs. Passwords" (Microsoft), 145

Group Policy Administrator (NetIQ), 224

guide to hacker personas (Hensing), 11

hacking contest, May 2005, 10–11

Haxor backdoor trojan rootkit, 41

Honeynet Project, botnets tracked by, 13

IE security, third-party tools for, 387

for IIS, 456

Information Technology-Information Sharing and Analysis Center, 51

Internet Security Threat Report (Symantec), 394

Internet Security Threat Report VIII (Symantec), 19

IPSec (IP Security) protocol, 322

John the Ripper program, 166

Kerbcrack program, 170

Kerberos authentication protocol, 156

Konqueror browser, 350

LAND attack, 15

Lsadump2 program, 178

LSPfix program, 73

Lynx browser, 350

MakeMeAdmin application, 62

McAfee Personal firewall, 68

MessageLabs security service provider, 5, 57

Microsoft Baseline Security Analyzer, 65

Microsoft Update, 65

Microsoft's anti-spyware software, 70

Microsoft's patch management document, 64

Microsoft's Ten Immutable Laws of Security, 7

Mozilla browser, 350

MS-Blaster worm, 56

Netscape browser, 350

NewDotNet adware program, 73

Nmap fingerprinting tool, 9

Nordahl boot disk, 161

Norton Personal firewall, 68

NT Resetter, 163

NTLMv2 authentication protocol, 154

Offline EFS, 468

Oleview utility, 335

O&O BlueCon XXL, 163

Opera browser, 350

password complexity, enabling in Windows NT, 144

password guessing programs, 164–165

Password List reader, 181

password resetting programs, 162–163

patch management tools, 64–65

Petch trojan, 33, 41

PolicyMaker (Desktop Standard), 224

Postini security service provider, 57

Psgetsid utility (Sysinternals), 89

Pwdump program, 167

Pwl Tools, 181

Qaz trojan/worm, 190

RBLs (real-time blacklists), 410

Regmon tool (Sysinternals), 239

Riler trojan, 73

RootKitRevealer (Sysinternals), 14

rootkits, Windows, 14

RunAsAdmin application, 63

Safari browser, 350

SANS Handler's Diary article about malware, 19

ScoopLM program, 168

Secret Service report on insider attacks, 17

Secunia web site, 9

security guides, 289

security surveys, 5–6

Share Password Checker, 169

SIDs, list of, 86

Sid2user.exe program, 89

SMB Auditing Tool, 169

SMB Downgrade Attacker, 169

SMBGrind program, 168

SMBRelay program, 168

SQL Auditing Tool, 165

Sqlbf-all program, 165

SRP-like applications, 224, 346

Streams (Sysinternals), 216

Symantec, botnets tracked by, 13

System Management Server, 64

Tiny Firewall, 68

TokenMon utility (Sysinternals), 91

trusts, 523

TSGrinder program, 164

2004 Computer Crime and Security Survey (FBI), 5

2004 ICSA Labs Tenth Annual Computer Virus Prevalence Survey, 5, 391

Unicode characters to avoid in passwords, 143

URLScan tool, 450–451

User2sid.exe program, 89

Wallz worm, 45

The Wild List, 5

Windows Firewall, 68

Windows Firewall group policy settings, 66

Windows Server Update Service (WSUS), 64–65

Windows Vista, blog regarding, 76

Windows XP/2000/NT Key, 163

Winternals Administrator's Pak, 163

WMF exploit, 393

W2K Server Resource Kit utilities, 156

Xprobe2 fingerprinting tool, 9

ZoneAlarm firewall, 68

web sites. See also browsers; URL (Universal Resource Locator)

EFS (Encrypting File System) and, 469

securing, 452–455

Webber trojan, 38

WebClient service, 281

WebDAV (Web-based Distributed Authoring and Versioning)

definition of, 448

EFS (Encrypting File System) and, 469

enabling, 449

WFP (Windows File Protection), 12

white-listing. See software restriction policies

whitelists, anti-spam software using, 410

Whoami.exe program, 87–88

WIA (Windows Image Acquisition) service, 287

The Wild List web site, 5

WinAmp media files, 196, 248

%Windir% folders, 28

Windows

authentication protocols supported by, 156–157

hardening, for IIS, 441–443

installation of, for IIS, 438–439

patches for, keeping up-to-date, 63–65

services installed by default on, 255

version of, hackers identifying, 9

Windows NT

authentication protocols supported by, 156–157

NT (NT LAN Man) hash algorithm introduced by, 147–148, 149

password complexity, enabling, 144

Windows 2000

Kerberos authentication protocol introduced by, 154

password complexity, enabling, 144

SRP-like features for, 224, 344

Windows Vista

features of, 76

Power Users group removed in, 87

Windows XP

LAND attack on, 15

password complexity enabled in, 144

Windows Animated Cursor files, 193, 247

Windows Audio service, 281

Windows Authorization Access group, 86, 112–113, 116

Windows Compiled Help Files, 195, 247

Windows cursor graphic files, 196, 248

Windows Data Protection, 478

Windows Explorer command files, 201, 248

Windows File Protection (WFP), 12

Windows File System (WinFS), 228

Windows Firewall, 65–68, 318–319

Windows Firewall/Internet Connection Sharing (ICS) service, 272, 281

Windows folder, permissions for, 132–134, 135

Windows Icon graphic files, 198

Windows Image Acquisition (WIA) service, 287

Windows Installer service, 281

Windows Internet Naming Service (WINS), 287

Windows Management Instrumentation Driver Extensions service, 282

Windows Management Instrumentation service, 281

Windows Media Services, 287

Windows Policy file, 200, 248

Windows Scripting Host, attacks using, 191

Windows Server 2003 Security Infrastructures (De Clercq), 86

Windows Server Update Service (WSUS), 64–65

Windows settings, group policy, 490–514

Windows Time service, 282

Windows trusts, permissions and, 116–117

Windows User Mode Driver Framework service, 287

Windows XP/2000/NT Key, 163

Windows.adm template, 515

WinFS (Windows File System), 228

WinHTTP Web Proxy Auto-Discovery Service, 282

WIN.INI file, 27

Wininit.ini file, 27

Winlogon.exe process, 159

WinRAR archived files, 200

WINS Users group, 113

WINS (Windows Internet Naming Service), 287

Winsock.dll file, 27

WINSTART.BAT file, 27

Winternals Administrator's Pak, 163

Wired Equivalent Privacy, 16

Wireless (Zero) Configuration service, 282

.wiz files, 202

Wizard files, 202

WLANs (wireless local area networks), sniffing attacks on, 16

.wma files, 196, 248

WMF exploit, 393

WMI filtering, for GPOs, 532

WMI Performance Adapter service, 282

Wmplayer.adm template, 515

Word (Microsoft)

document vulnerabilities, 196, 202

malware in embedded scripts, 21

Word11.adm template, 516

worker processes, IIS, 422–425

Workstation service, 283

World Authority, 84

World Wide Publishing Service, 287

World Wide Web Service, for IIS, 446, 448

WorldSearch adware, 47

worms. See also malware

Beagle.AV worm, 195, 200, 391

Blaster worm, 8

Code Red worm, 419

definition of, 14

e-worms, 391

Internet worms, 391

MS-Blaster worm, 14

password-guessing routines in, 146

prevalence of, 7

SQL.Slammer worm, 5, 14

Write Attributes permission, 125, 126

Write DACL permission, registry keys, 242

Write Data permission, 124, 126

Write Extended Attributes permission, 125, 126

Write Owner permission, registry keys, 242

Write permission

definition of, 123, 126, 127

for GPOs (group policy objects), 534

.ws files, 191, 202, 249

.wsc files, 202, 249

Wscript.exe program, 191

.wsf files, 202, 249

WSH files, 202, 249

WSUS Administrators group, 113

WSUS (Windows Server Update Service), 64–65

W3wp.exe process, 422–423

W2K Server Resource Kit utilities, 156

Wuau.adm template, 515

WuKill worm, 24



Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
Year: 2004
Pages: 122
