index_P | Penetration Testing and Network Defense

< Day Day Up >

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

packet sniffers
     detecting session hijacking
     Ethereal, monitoring session hijacking attacks 2nd
packets, out-of-sequence
Pandora
Passive reconnaissance
passive scanners, Kismet
passive session hijacking
password cracking
     attacks, detecting
    brute force attacks
         Brutus
         detecting 2nd
         HTTP Brute Forcer
         protecting against
     case study
     employee education, implementing
     protecting against
     salts
     utilities
         Boson GetPass
         Hypnopædia
         John the Ripper
         L0phtcrack 2nd 3rd
         Nutcracker
         pwdump
         pwdump3
         RainbowCrack
         Snadboy Revelation
password hashing
     on Microsoft systems
     on UNIX systems
password policies
passwords [See also password cracking]
     brute force attacks
         detecting on SQL servers
     encrypted
     erasing
     hidden field exploit 2nd
     securing on routers
     testing for vulnerabilities
patience as social engineer trait
penetration tests
     preparing for
     vendors, selecting
Perl (Practical Extraction and Report Language)
permissions, UNIX
     assigning to root user
     elevation techniques
persuasion
     authority-based persuasion
     conformity persuasion
     information-based persuasion
     logic persuasion
     need-based persuasion
     reciprocation-based persuasion
     similarity-based persuasion
phishing 2nd
phone numbers of telecommuters, obtaining
PHP (Hypertext Preprocessor)
PHP (Personal Home Page)
Phrack Magazine
physical access policies
physical protection, implementing
PictureClock.class
Ping of Death attacks
PipeUpAdmin
plain-text passwords
plug-ins, BO2K
port scanning
     ACK scans
     case study
     dumb scans
     FIN scans
     inadvertant DoS attacks
     NMAP
     NULL scans
     SYN scans
     TCP connect() port scans
     Xmas-Tree scans
ports
     monitoring 2nd
     on Microsoft SQL Server
preparing
     for penetration testing
     security policies
preventing
     attacks on wireless networks 2nd
         MITM attacks
     backdoor applications
     buffer overflows
     DoS attacks
         through application hardening
         through network hardening
     server attacks
     Trojan horse applications
privilege escalation on IIS web servers
privileged exec mode
Project Scope
protecting
     against brute force attacks
     against database attacks
     against password-cracking attacks
     against session hijacking
     against social engineering attacks
protocol exceptions
PS/SQL (Procedural Language/Structured Query Language)
Public Role (Microsoft SQL Server)
pwdump
pwdump3

< Day Day Up >