Physical Security and Social Engineering

Virus and Worms

  • Master boot record infection This is the original method of attack. It works by attacking the master boot record of floppy disks or the hard drive. This was effective in the days when everyone passed around floppy disks.
  • File infection A slightly newer form of virus that relies on the user to execute the file. Extensions such as .com and .exe are typically used. Some form of social engineering is normally used to get the user to execute the program. Techniques include renaming the program or trying to run an .exe extension and make it appear as a graphic or .bmp.
  • Macro infection The most modern type of virus began appearing in the 1990s. Macro viruses exploit scripting services installed on your computer. The I Love You virus is a prime example of a macro infector.
  • Signatures scanning antivirus programs work in a similar fashion as IDS pattern matching systems. Signature scanning antivirus software looks at the beginning and end of executable files for known virus signatures.
  • Heuristic scanning is another method that antivirus programs use. Software designed for this function examines computer files for irregular or unusual instructions.
  • Integrity checking can also be used to scan for viruses. Integrity checking works by building a database of checksums or hashed values. These values are saved in a file. Periodically new scans occur, and the results are compared to the stored results.
  • Activity blockers can also be used by antivirus programs. An activity blocker intercepts a virus when it starts to execute and blocks it from infecting other programs or data. Activity blockers are usually designed to start upon bootup and continue until the computer is shut down.

Physical Security

Part I: Exam Preparation

The Business Aspects of Penetration Testing

The Technical Foundations of Hacking

Footprinting and Scanning

Enumeration and System Hacking

Linux and Automated Security Assessment Tools

Trojans and Backdoors

Sniffers, Session Hijacking, and Denial of Service

Web Server Hacking, Web Applications, and Database Attacks

Wireless Technologies, Security, and Attacks

IDS, Firewalls, and Honeypots

Buffer Overflows, Viruses, and Worms

Cryptographic Attacks and Defenses

Physical Security and Social Engineering

Part II: Final Review

Part III: Appendixes

Appendix A. Using the ExamGear Special Edition Software



Certified Ethical Hacker Exam Prep
Certified Ethical Hacker Exam Prep
ISBN: 0789735318
EAN: 2147483647
Year: 2007
Pages: 247
Authors: Michael Gregg

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net