back doors
  described, 634
  netcat utility, 176-187
  overview, 636-639
  remote control, 176-187
  Solaris, 285
  UNIX, 277, 290
  Windows, 176-190
backup domain controllers (BDCs), 94
bandwidth consumption attacks, 491-497
banner grabbing
  basics, 79-81, 469
  Cisco IOS, 364-365
  countermeasures, 83
  described, 79
  firewalls, 468-469
  manual techniques, 79-81
  OS detection, 69
  strobe utility, 54-55, 59
banners
  changing, 90
  Cisco devices, 362, 364-365
  HTTP enumeration and, 90-91
Basic Input Output System. See BIOS; NetBIOS
BDCs (backup domain controllers), 94
BEA Weblogic servers, 539
Berkeley Internet Name Domain. See BIND
Berkeley Wireless Research Center (BWRC), 460
BGP (Border Gateway Protocol), 116-118, 356-358, 501
BGP packet injection, 400-403
BGPv4 (Border Gateway Protocol version 4), 399
BHOs (Browser Helper Objects), 629-630, 638
BIND (Berkeley Internet Name Domain)
  djbdns as alternative to, 254
  DNS attacks, 36, 250, 253-254
Blaster worm, 162-163, 503
Border Gateway Protocol. See BGP
bots. See also zombies
  Agobot attacks, 497
  described, 634, 640-641
  DoS, 494-497, 503-504, 507, 641
  Gaobot attacks, 497
  IRC, 497, 640
  Phatbot attacks, 497
  secondary virus infections via, 641
  spam and, 641
  Spybot Search & Destroy tool, 631-632
  types of, 641
Bridge Protocol Data Units (BPDUs), 380
Broadcast Probe Request, 417
broadcast sniffing, 373-376
Browser Helper Objects (BHOs), 629-630, 638
browsers. See web browsers
brute-force attacks
  brute-force scripting, 313-325
  cookie grabbing, 551-553
  dial-up hacking, 315-325
  NTLM authentication, 556-557
  passwords, 179, 261-262
  SNMP, 400
  SSH, 399
  Telnet, 399
  UNIX, 216-218, 261-262
  voicemail, 330-335
  vs. password cracking, 261
  war-dialing. See war-dialing
  WASAT tool, 556
  web administration, 399
  WebSleuth tool, 551-553
BSS data overflow, 515-516
buffer overflows
  BSS, 515-516
  code, 512-518
  DNS TSIG, 253-254
  format string attacks, 516-517
  GDI+ JPEG, 592-594
  heap-based, 515-516, 542-543
  HTR Chunked Encoding Transfer Heap Overflow, 543
  IIS, 166-173
  integer overflows, 226-230
  ISAPI idq.dll, 543
  jill exploit, 166-173
  libpng, 615-618
  LSASS, 163-165
  off-by-one errors, 514, 518
  OpenSSL overflow attacks, 257-258
  PCT, 166-168
  printer, 169-170
  SNMP, 241-242, 404-405
  Snort RPC decoding, 260
  stack-based, 221-222, 513-515, 542-543
  tcpdump program, 259-261
  UDP port 1434 and, 131-133
  UNIX, 218-222, 241-242, 265-266
  web servers, 542-544
Bugtraq mailing list, 184, 210, 218
BWRC (Berkeley Wireless Research Center), 460