D

Previous page
Table of content
Next page
data
publicly available information, 8-18
security of, 359
in source code, 170-171
data-driven attacks, 218-230
Data Encryption Standard (DES), 262
Data Execution Prevention (DEP), 207-208, 533
databases
ARIN, 28-31, 116-118, 356
authentication, 562
axfr, 35-36
DB2, 563
EDGAR, 12
Google Hacking, 15-16
hacking, 15-16, 522
MS SQL, 563
MySQL, 563
ODBC, 564
Oracle, 563
Postgress, 563
public, 8-32
Solaris Fingerprint Database, 279
SQL injection, 561-564
WHOIS, 22, 24-31, 39, 295
WiGLE.net, 424
Davis, Michael, 384
DB2 databases, 563
DCAR (Distributed CAR), 501
DCOM (Distributed Component Object Model) services, 161, 163
dcomcnfg tool, 576
DCs (domain controllers), 94, 118, 144-145, 160
DDoS (distributed denial of service) attacks, 494-497, 641
DDoS clients , 495-497
DDOSPing tool, 504
deauthentication attacks, 441
DeBaggis, Nick, 592
Debploit tool, 118
demarcation point, 355
demon dialers. See war-dialing
denial of service (DoS) attacks, 487-507
alternate infrastructure, 507
anti-DoS products, 499
application-layer , 497
application modes, 507
bandwidth consumption, 491-497
buffer overflows. See buffer overflows
capacity depletion, 491-497, 499, 507
common techniques, 489-497
countermeasures, 498-507
detecting attacks, 503-504
distributed denial of service attacks, 494-497, 641
DoS bots, 494-497, 503-504, 507
DoS testing, 503
Fraggle attacks, 493-494
ICMP and, 49
infrastructure-layer, 491-497
ISPs and, 499-500, 506
Linux platform, 493, 495, 502-504
moving targets, 506
network hardening and, 500-501
overview, 488-489
resources, 507
responding to, 504-507
server hardening and, 501-503
Smurf attack, 493-494, 496
Solaris platform, 495, 502
syn floods, 491-492
UDP floods, 492-493
UNIX platform, 490, 493, 495, 503-504
VoIP, 340
vulnerabilities, 490-491
wireless networks, 441, 456
DEP (Data Execution Prevention), 207-208, 533
DES (Data Encryption Standard), 262
DESX (Extended Data Encryption Standard), 205-206
detection agents , 352-356
development team, 525
DF attribute, 73-74
DHCP broadcasts, 373-375
dial-back authentication, 324
dial-up hacking
authentication mechanisms, 313-325
brute-force scripting, 313-325
Caller ID and, 298
carrier exploitation, 311-313
hardware considerations, 296-297
legal issues, 297-298
long-distance charges, 298
low hanging fruit, 314-315
PBX hacking, 325-329
PhoneSweep, 298, 308-311
preparation for, 294-296
randomization, 303-304
security measures, 323-325
software for, 298-313
THC-Scan, 298-299, 304-308
ToneLoc, 298-313
war-dialing. See war-dialing
dictionary attacks
ancontrol utility, 453
automated, 261-262
L0phtcrack (LC) tool, 179-183
password cracking, 261-262
WASAT tool, 556
diff technique, 644
Dig tool, 353-354
digiboard cards, 297
digital signal processing (DSP) device, 331
Direct Host, 143
directories
finding unprotected , 546
hiding, 637-638
IIS, 165, 171
traversal issues, 165, 171, 519, 521
UNIX, 273-276
virtual, 171
web servers and, 540
Directory Services Client (DSClient), 160-161
discovering network devices, 352-356
discovery tools, 75-76
Distributed CAR (DCAR), 501
Distributed Component Object Model (DCOM) services, 161, 163
distributed denial of service. See DDoS
Dittrich, Dave, 488, 495
Dixon, William, 203
djbdns program, 254
DLL injection, 173, 177-178, 185, 640
DMZ architecture, 231
DNS, reverse, 355, 358
DNS (Domain Name System)
security, 36-37
TSIG overflow attacks, 253-254
UNIX and, 250-252
DNS clients, 506
DNS enumeration, 18-32
DNS interrogation , 32-37
DNS lookups, 30-31, 392, 478
DNS servers
domain queries, 30-31
DoS attacks, 506
UNIX and, 250-252
DNS spoofing, 340
DNS zone transfers, 32-37, 84-86, 478
dnsspoof tool, 385
domain controllers (DCs), 94, 118, 144-145, 160
Domain Name System. See DNS
domain- related searches, 24-27
domain security model, 595
domains
brute-force scripting and, 313
enumeration, 93-94, 101, 104-105, 110
hijacking, 32
trusted, 101, 104-105, 110
vulnerabilities, 582-583
DoS. See denial of service
DoS attacks, 162
DoS bots, 494-497, 503-504, 507, 641
DOS platform
attrib tool, 198
defined, 79
SUID files and, 274
THC-Scan and, 304-305
war-dialing and, 298-299
DOSEMU for Unix, 274, 305
dot-dot-slash attacks, 171
Double Decode exploit, 171, 519
double- escapes , 519-521
Download.Ject issue, 167
drivers
GPS units, 414
OpenBSD, 410-411
PCMCIA, 410
Wavelan, 444
wireless, 410-411
WLAN, 427-428
drones, 640-641
drop points, 586-587
dropper, 637
DSClient (Directory Services Client), 160-161
dsclient utility, 107
dsniff program, 280-281, 369, 383-386
DSP (digital signal processing) device, 331
Dstumbler tool, 420-422
dtappgather utility, 268
DTP (Dynamic Trunking Protocol), 378
DumpACL tool, 98, 143
dumpel tool, 155
DumpEvt tool, 156
DumpSec tool, 98-102, 143
DWEPCrack, 450-451
DWEPUtils, 450
Dynamic Trunking Protocol (DTP), 378

Previous page
Table of content
Next page
Hacking Exposed
Hacking Exposed 5th Edition
ISBN: B0018SYWW0
EAN: N/A
Year: 2003
Pages: 127
Authors: Stuart McClure, Joel Scambray, George Kurtz
BUY ON AMAZON
Inside Network Security Assessment: Guarding Your IT Infrastructure
Cisco Voice Gateways and Gatekeepers
Competency-Based Human Resource Management
Programming Microsoft ASP.NET 3.5
InDesign Type: Professional Typography with Adobe InDesign CS2
Lean Six Sigma for Service : How to Use Lean Speed and Six Sigma Quality to Improve Services and Transactions
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy