CA (certification authority), 309
.cab files, 194
cabinet archive files, 194
cached credentials, password attacks on, 176–177
Cachedump utility, 176
Cain & Able program, 16–17, 166, 169, 179
Callto URI handler, 249
Carnegie Mellon University CERT Coordination Center, 51
Cascading Style Sheet files, 195
CastleCop's listing of ActiveX controls, 335
.cbl files, 194
.cbm files, 194
.cbo files, 194
CD-ROM access, security options for, 504
.cer files, 195
CERT Coordination Center, Carnegie Mellon University, 51
Cert Publishers group, 85, 104
Certificate authentication, IIS, 432, 449, 450
Certificate Auto-enrollment in Windows XP, 478
certificate exception rules, SRP, 222, 341
Certificate Services (Microsoft)
CERTSVC_DCOM_ACCESS group created by, 104
for EFS, 475–476
operating systems available in, 283
Certificate Trust List files, 195, 201
certificates
EFS, 462–464
IE settings for, 372, 383–384
certification authority (CA), 309
CERTSVC_DCOM_ACCESS group, 104
challenge-response mechanism, 152
Change permission, 119–121
Change Permissions permission, 125, 126
Character Map, viewing Unicode characters in, 142
.chm files, 195, 247
Cipher.exe program, 461, 472
CipherTrust, zombie nets tracked by, 13–14
Cisco IOS 12.x operating system, 53
ClearCredCache program, 179
ClipBook service, 269
CLSID (Class ID), 83, 335–336
Cluster Services, 284
.cmd files, 195, 248
Code Red worm, 419
collision, in hash algorithm, 147
COM+ access, for IIS, 444
COM+ Event System service, 269
.com files, 195, 248
COM objects
registry listing, 42
unregistering, 332–334
COM+ System Application service, 269
command and control trojan, 13
command files, vulnerabilities of, 23, 195, 199, 248
Command.com file, 23
Commercial Guardian Monitor spyware, 46
Common.adm template, 515
companion viruses, 12
The Complete Patch Management Book (Bradley, Susan and Anne Stanton), 64
compressed files. See also archive files
EFS not encrypting, 460, 477
vulnerabilities of, 197, 203
computer accounts
definition of, 115–116
password attacks on, 177–179
Computer Browser service, 269
Computer Configuration section of group policy, 487
Computername$ group, 116
Computers OU, 520
Conf.adm template, 515
Config.nt file, 23
Config.sys file, 23, 132
configuration files, 198, 201. See also registry
Configuring Application Isolation on Windows Server 2003 and Internet Information Services (IIS) 6.0, 456
constrained delegation, 92, 156, 471
container objects, in Active Directory, 481. See also organizational unit (OU), in Active Directory
contest, hacking, May 2005, 10–11
Control Panel Applet files, 195
cookie manipulation, 363–364
CoolWeb Search Adware, 40
.cpl files, 195
Create Child Objects permission, for GPOs, 534
Create Files permission, 124, 126
Create Folders permission, 125, 126
Create Link permission, registry keys, 242
Create Subkey permission, registry keys, 241
Creator Authority, 84
Creator group, 84, 104, 114
Creator Group Server account, 84
Creator Owner group, 84, 104, 114
Creator Owner Server account, 84
CredDump program, 180
Credential Manager, password attacks with, 179–181
credentials, cached, password attacks on, 176–177
crimeware, 19. See also malware
cross-site scripting (XSS)
in e-mail, 393
in IE (Internet Explorer), 357–358
malware in, 21
cross-zone attacks, IE, 362
Crypt32.dll file, 352
Cryptographic Services, 270
cryptography. See encryption
.cs files, 191, 202, 249
Cscript.exe program, 191
.css files, 195
.ctl files, 195
.cur files, 196, 248
cursor graphic files, 248