FakeGina trojan, 165
.far files, 196, 248
Fast User Switching Compatibility service, 271
.fav files, 197
Favorites list files, 197
Fax Service, 272
FBI, 2004 Computer Crime and Security Survey by, 5
Federal Information Processing Standards (FIPS), 464–465
FEK (File Encryption Key), 464–465
File Archive File Format files, 194
File Archive files, 194
file associations
hidden, 212
high-risk, blocking, 247–249
permission to change, 250–251
in registry, 231–235
vulnerabilities of, 30, 38, 39, 203, 243
in Windows Explorer, 235
file attachments
blocking, 398–401
malicious, 391–392
File Encryption Key (FEK), 464–465
file execution attacks, 361–362
The File Extension Source, 203
file extensions, hidden, 32–33
File Replication Service
definition of, 272
Replicator group for, 110
Windows version comparisons for, 288
File Service for Macintosh, 284
file sharing
of EFS-protected files, 466–467
Simple File Sharing, 131
file system settings, group policy, 513–514
File Transfer Protocol (FTP), for IIS, 445
FileMon utility (Sysinternals), 240, 292, 425
files. See also specific files
assigning permissions to, 97–99
buffer overflow attacks on, 191
decrypting with EFS, 461
default permission settings for, 132–135
defending against attacks of, 218–225
downloading, IE settings for, 370, 376
encrypting
with Cipher.exe, 461
with EFS, 460–461
high-risk files
ADS (Alternate Data Streams), 214–216
auditing for, 224–225
blocking, 225
configuration files, 193
Debug.exe program as, 189, 190
definition of, 189–191
file type mismatches, 192
flawed by design, 191–192
flaws allowing misuse of, 192–193
list of, by type, 193–203, 247–249
with magic names, 193
MIME type mismatches, 214, 363
naming tricks used on, 211–214
NTFS permissions for, 218–221
SRP for, 221–224
unused applications, 217
updating patches for, 225
Windows files, list of, 204–211
ownership of, 502
permissions for, list of, 123–126
unusual names for, malware using, 31–32
filtering, anti-spam software using, 412–413
fingerprinting, 9, 413
FIPS (Federal Information Processing Standards), 464–465
Firefox browser
exploitations of, 52–53, 350
security statistics for, 351–352
firewall ports for IPSec, 318–319
firewalls
bypassing defenses of, 321
failure of, assuming, 55
host-based firewall, 65–68, 439
firmware environment values, modifying, 501
Flash.ocx file, 353
floppy access, security options for, 504
Flush.D trojan, 49
folders. See also specific folders
assigning permissions to, 97–99
decrypting with EFS, 461
default permission settings for, 132–135
encrypting with EFS, 460–461
installing software to non-default folders, 76
permissions for, list of, 123–126
Share permissions for, 119–121
unusual names for, malware using, 31–32
"Follow the Bouncing Malware" article, 19
ForceSQL program, 165
Foreign Security Principals OU, 520
forest root domain, in Active Directory, 522
forest trusts, 522
forests, in Active Directory, 521
Fp11.adm template, 516
fraudulent e-mail. See phishing attacks
FrontPage 2002 Server Extensions, for IIS, 445, 449
FSMO (Forest Single Master Operations) roles, 523–524
FTP (File Transfer Protocol), for IIS, 445
FTP Publishing Service, 284
ftp URI handler, 250
Full Control permission
avoiding use of, 136
definition of, 119–121, 124, 126, 127
for GPOs (group policy objects), 534
improperly configured, 16
registry keys, 241
Fully Managed policies, 486