ABI (application binary interface), 222
AccelePort RAS adapters, 297
access control lists. See ACLs
access points (APs), 408-409
Account Policy feature, 151-153
ACE/Server PBX protection, 329
ACK packets, 46-47, 52-54, 491-492
ACLs (access control lists)
Cisco, 472, 477, 479-480
DumpACL tool, 98, 143
liberal , 477
limiting ICMP traffic with, 49, 51
NTFS, 171, 206
routers and, 481, 505
tracerouting and, 38
Active Directory (AD)
enumeration, 118-123
permissions, 121
zone transfers, 84
Active Scripting
countermeasures, 579-580, 597
e-mail, 580, 591
exploits, 579, 596
Active Server Pages. See ASP
active stack fingerprinting, 69-72
ActiveX
countermeasures, 577
enabling/disabling, 602-604
exploits, 575-577
HTML Help ActiveX control, 583, 599
security zones, 579, 602-604
ActiveX controls, 575-577
described, 575
kill bit, 610-611
Shockwave, 603-604
unneeded, 610-611
address book worms, 589-591
Address Resolution Protocol. See ARP
Administrator accounts
permissions, 172
privilege escalation, 173-175
Windows family, 144-148, 173-178, 600
adore kernel rootkit, 287
ADS (Alternate Data Streams), 198-199, 637-638
AFS (Andrew File System), 259-260
Air-Jack, 439, 445, 447, 455-457
Airfart tool, 433-435, 461
AiroPeek NX, 409-410, 435-436, 441
alert.sh utility, 67, 466
allow-transfer directive, 36
Alternate Data Streams (ADS), 198-199, 637-638
America Online (AOL), 32, 505, 621
American Registry for Internet Numbers. See ARIN
amplification, 493-494, 500
amplification ratio, 493-494
Andrew File System (AFS), 259-260
anonymous connections, 96-111
antennas, wireless, 411-414, 461
antispyware programs, 631-633, 643
AntiSpyware tool, 631-632
antivirus software, 193, 594, 643
AOL (America Online), 32, 505, 621
Apache Web Server
attacks on, 258-259, 536, 539, 543
canonicalization issues, 520-522
FrontPage and, 546-547
JSP source code disclosure, 539
Mac systems, 137
SSL buffer overflows, 543
APNIC organization, 20, 28-29
application binary interface (ABI), 222
application-layer DoS attacks, 497
applications. See also code; specific applications
development issues, 532-533
proxies, 464
resources, 532-534
Security Development Lifecycle, 524-532
web. See web applications
Windows family, 142, 209
APs (access points), 408-409
APS (NTLM Authorization Proxy Server), 556-557
APWG (Anti-Phishing Working Group), 623-624
ARIN (American Registry for Internet Numbers), 359
ARIN database, 28-31, 116-118, 356
ARP (Address Resolution Protocol), 369
ARP redirects, 159, 369-373
ARP spoofing, 341-345, 384
arpredirect program, 281, 369-373
AS (Autonomous System) lookup, 356-358
ASCII characters , 183, 519
ASEPs (autostart extensibility points), 194-195, 496, 587, 629-630
ASNs (Autonomous System Numbers), 116-118, 356-358, 399
ASO (Address Supporting Organization), 19-20
ASP (Active Server Pages), 538-541
ASP::$DATA vulnerability, 540, 542 .asp files, 171, 538-542
ASP scripts, 171, 538-541
ASPECT scripting language, 316-323, 331
ASP.NET vulnerabilities, 520, 522, 534
association requests , 439
ATT Definity system 75, 328-329
attachments
e-mail, 587-589, 591, 612
force feeding, 588-589
MIME, 589
Novell servers, 123
Audit Policy feature, 154-156, 197
auditing
Audit Policy feature, 154-156, 197
disabling, 197
SAM, 173-174
source code and, 530-531
Windows family, 154-156, 197
authenticated attacks, 173-199, 441
authentication
brute-force attacks, 315-325
databases, 562
dial-back, 324
dial-up hacking and, 313-325
DoS attacks and, 501
dual, 320-321
LanMan, 160-161, 182-183
NTLM, 545, 548, 556-557
single, 315-319
SMB, 143, 160
telnet, 483
two-factor , 324, 346
Autonomous System (AS) lookup, 356-358
Autonomous System Numbers (ASNs), 116-118, 356-358, 399
autostart extensibility points (ASEPs), 194-195, 496, 587, 629-630