TCP (Transmission Control Protocol), 36
TCP headers, 57, 377, 382-383
TCP/IP
accessing UNIX systems via, 214-261
fragmented , 490
NetBIOS over TCP/IP (NBT), 149-150
TCP ports
DNS zone transfers, 84-86
enumeration and, 84-88
listed, 651-656
network devices, 360-363
port 13, 364
port 20, 475-476
port 22, 137
port 25, 72
port 53, 84-86
port 69, 86
port 79, 87-88
port 80, 72, 88-91
port 111, 128-129
port 113, 58
port 135, 59, 161
port 139, 58-59, 68, 96-111, 143, 148-151, 164
port 179, 116-118
port 389, 118-122
port 445, 59, 68, 97, 106, 143, 149-151, 164
port 524, 123-127
port 1434, 131-133
port 2049, 133
port 3268, 118-122
port 7000, 616
port 8888, 593
port 9001, 365
port 27665, 496
port 32771, 128-129
port 34555, 496
sequence number prediction, 381-382
TCP sequence number prediction, 381-382
TCP streams, 191-192, 260
tcpdump program
detecting sniffers, 281
promiscuous-mode attacks, 215, 259-261
RIP spoofing, 394-395
as traffic sniffer, 382-383
wireless networks, 431-432
telecommunications equipment closets, 324
telnet
banner grabbing , 79-81
reverse telnet, 233-235
unauthenticated, 483
Telnet brute force attacks, 399
Terminal Server, 118, 187, 204
Terminal Services, 187-188
TFN (Tribe Flood Network), 495-496
TFTP (Trivial File Transfer Protocol), 86, 387-389, 392
THC (The Hacker's Choice), 166-167, 435
THC-Scan tool, 298-299, 304-308
The Hacker's Choice (THC), 166-167, 435
Thomas, Rob, 356, 401-402
threat modeling, 525-526, 534
three-way handshake, 491, 493
timestamps, 50-51, 289, 414
Titan FTP Server, 515-516
TLDs (top-level domains), 21-22, 28
TLS (Transport Layer Security), 345
TOS (type of service), 70
traceroute output, 357-358
traceroute utility, 37-40, 354-356, 467-468
tracerouting, 37-40, 355, 357, 359
tracert utility, 37-40, 354-356, 467
traffic sniffing attacks, 400
Transaction Signature (TSIG) feature, 253-254
Translate: f vulnerability, 540-542
Transmission Control Protocol. See TCP
Transport Layer Security (TLS), 345
Tribe Flood Network (TFN), 495-496
Tripwire program, 157, 278
Trivial File Transfer Protocol. See TFTP
Trojan horses
180 Solutions Trojan, 595
accidental, 576
described, 634
Solaris systems, 279
UNIX, 277-279
Trunking Protocol, 377-378, 381
trusted domains, 101, 104-105, 110
Trusted Sites zone, 602-604
Trustworthy Computing (TWC), 141
TSIG (Transaction Signature) feature, 253-254
TTL (time-to-live), 37, 506
TTL-exceeded packets, 355
TTL expired packets, 355, 467-468
TTL packets, 355, 467-468
tunnels
described, 336
ICMP, 479-480
UDP, 479-480
VPNs, 335-336
TWC (Trustworthy Computing), 141
two-factor authentication, 324, 346
type of service (TOS), 70