Sniffers, Session Hijacking, and Denial of Service
Trojans and Backdoors
- Trojans are programs that pretend to do one thing but when loaded actually perform another more malicious act.
Table FF.4. Remote Control Programs and Their Default Ports
Name
Default Protocol
Default Port
Back Orifice
UDP
31337
Back Orifice 2000
TCP/UDP
54320/54321
Beast
TCP
6666
Citrix ICA
TCP/UDP
1494
Donald Dick
TCP
23476/23477
Loki
ICMP
NA
Masters Paradise
TCP
40421/40422/40426
Netmeeting Remote Desktop Control
TCP/UDP
49608/49609
NetBus
TCP
12345
Netcat
TCP/UDP
Any
pcAnywhere
TCP
5631/5632/65301
Reachout
TCP
43188
Remotely Anywhere
TCP
2000/2001
Remote
TCP/UDP
135139
Timbuktu
TCP/UDP
407
VNC
TCP/UDP
5800/5801
- Email attachments are the number one means of malware propagation.
- A wrapper is a program used to combine two or more executables into a single packaged program.
- A covert channel is a means of moving information in a manner in which it was not intended.
- Port redirection works by listening on certain ports and then forwarding the packets to a secondary target. Some of the tools used for port redirection include datapipe, fpipe, and Netcat.
|
Netcat Switch |
Purpose |
|---|---|
|
nc -d |
Used to detach Netcat from the console |
|
nc -l -p [port] |
Used to create a simple listening TCP port, adding u will place it into UDP mode |
|
nc -e [program] |
Used to redirect stdin/stdout from a program |
|
nc -w [timeout] |
Used to set a timeout before Netcat automatically quits |
|
Program | nc |
Used to pipe output of program to Netcat |
|
nc | program |
Used to pipe output of Netcat to program |
|
nc -h |
Used to display help options |
|
nc -v |
Used to put Netcat into verbose mode |
|
nc -g or nc -G |
Used to specify source routing flags |
|
nc -t |
Used for Telnet negotiation |
|
nc -o [file] |
Used to hex dump traffic to file |
|
nc -z |
Used for port scanning, no I/O i |
Sniffers |
Part I: Exam Preparation
The Business Aspects of Penetration Testing
- The Business Aspects of Penetration Testing
- Study Strategies
- Security Fundamentals
- Security Testing
- Hacker and Cracker Descriptions
- Ethical Hackers
- Test PlansKeeping It Legal
- Ethics and Legality
- Summary
- Key Terms
- Apply Your Knowledge
The Technical Foundations of Hacking
- The Technical Foundations of Hacking
- Study Strategies
- The Attackers Process
- The Ethical Hackers Process
- Security and the Stack
- Summary
- Key Terms
- Apply Your Knowledge
Footprinting and Scanning
- Footprinting and Scanning
- Study Strategies
- Determining Assessment Scope
- The Seven-Step Information Gathering Process
- Summary
- Key Terms
- Apply Your Knowledge
Enumeration and System Hacking
- Enumeration and System Hacking
- Study Strategies
- The Architecture of Windows Computers
- Enumeration
- Windows Hacking
- Summary
- Key Terms
- Apply Your Knowledge
Linux and Automated Security Assessment Tools
- Linux and Automated Security Assessment Tools
- Study Strategies
- Linux
- Automated Assessment Tools
- Picking the Right Platform
- Summary
- Key Terms
- Apply Your Knowledge
Trojans and Backdoors
- Trojans and Backdoors
- Study Strategies
- An Overview of TrojansThe History of Trojans
- Covert Communications
- Trojan and Backdoor Countermeasures
- Summary
- Key Terms
- Apply Your Knowledge
Sniffers, Session Hijacking, and Denial of Service
- Sniffers, Session Hijacking, and Denial of Service
- Study Strategies
- Sniffers
- Session Hijacking
- Denial of Service
- Summary
- Key Terms
- Apply Your Knowledge
Web Server Hacking, Web Applications, and Database Attacks
- Web Server Hacking, Web Applications, and Database Attacks
- Study Strategies
- Web Server Hacking
- Web Application Hacking
- Database Overview
- Summary
- Key Terms
- Apply Your Knowledge
Wireless Technologies, Security, and Attacks
- Wireless Technologies, Security, and Attacks
- Study Strategies
- Wireless TechnologiesA Brief History
- Wireless LANs
- Wireless Hacking Tools
- Securing Wireless Networks
- Summary
- Key Terms
- Apply Your Knowledge
IDS, Firewalls, and Honeypots
- IDS, Firewalls, and Honeypots
- Study Strategies
- Intrusion Detection Systems
- Firewalls
- Honeypots
- Summary
- Key Terms
- Apply Your Knowledge
Buffer Overflows, Viruses, and Worms
- Buffer Overflows, Viruses, and Worms
- Study Strategies
- Buffer Overflows
- Viruses and Worms
- Summary
- Key Terms
- Apply Your Knowledge
Cryptographic Attacks and Defenses
- Cryptographic Attacks and Defenses
- Study Strategies
- Functions of Cryptography
- History of Cryptography
- Algorithms
- Hashing
- Digital Signatures
- Steganography
- Digital Certificates
- Public Key Infrastructure
- Protocols, Standards, and Applications
- Encryption Cracking and Tools
- Summary
- Key Terms
- Apply Your Knowledge
Physical Security and Social Engineering
- Physical Security and Social Engineering
- Study Strategies
- Physical Security
- Social Engineering
- Summary
- Key Terms
- Apply Your Knowledge
Part II: Final Review
- Fast Facts
- Ethics and Legality
- Footprinting
- Scanning
- Enumeration
- System Hacking
- Trojans and Backdoors
- Sniffers
- Denial of Service
- Social Engineering
- Session Hijacking
- Hacking Web Servers
- Web Application Vulnerabilities
- Web-Based Password Cracking Techniques
- SQL Injection
- Hacking Wireless Networks
- Virus and Worms
- Physical Security
- Linux Hacking
- Evading Firewalls, IDS, and Honeypots
- Buffer Overflows
- Cryptography
- Penetration Testing
- Certified Ethical Hacker
- Practice Exam Questions
- Answers to Practice Exam Questions
- Glossary
Part III: Appendixes
Appendix A. Using the ExamGear Special Edition Software
- Appendix A. Using the ExamGear Special Edition Software
- Exam Simulation
- Study Tools
- How ExamGear Special Edition Works
- Installing ExamGear Special Edition
- Using ExamGear Special Edition
- Contacting Que Certification
- License
- Software and Documentation
- License Term and Charges
- Title
- Updates
- Limited Warranty and Disclaimer
- Limitation of Liability
- Miscellaneous
- U.S. Government Restricted Rights
EAN: 2147483647
Pages: 247
- Using SQL Data Definition Language (DDL) to Create Data Tables and Other Database Objects
- Working with Functions, Parameters, and Data Types
- Working with SQL JOIN Statements and Other Multiple-table Queries
- Writing External Applications to Query and Manipulate Database Data
- Writing Advanced Queries and Subqueries
