hackers. See dedicated attackers
hacking contest, May 2005, 10–11
hardware drivers, IIS, 438
hardware keystroke logging, 166
hash exception rules, SRP, 222, 341
hashes for passwords
challenge-response mechanism for, 152
definition of, 146–147
extracting, 166–168
LM algorithm for, 147–148
not salted, effects of, 150
NT algorithm for, 147–148, 149
protected during authentication, 152
Syskey protecting, 150–152
when applied, 147
Haxdoor.B backdoor trojan, 43
Haxor backdoor trojan rootkit, 41
HELO lookups, anti-spam software using, 408
Help and Support service, 272
Help files, 197
HelpAssistant account, 101
HelpServicesGroup group, 107
Hensing, Robert (guide to hacker personas), 11
hidden files, 30
hidden shares, 121–122
hives, in registry, 228–229
HKCC (HKEY_CURRENT_CONFIG) entries, registry
default permissions for, 242
definition of, 228, 237
HKCR (HKEY_CLASSES_ROOT) entries, registry
default permissions for, 242
definition of, 228, 231–235
high-risk entries in, 243
malware using, 32–33, 45
HKCU (HKEY_CURRENT_USER) entries, registry
default permissions for, 242
definition of, 228, 229, 236
hardening permissions for, 247
high-risk entries in, 243–245
malware using, 33–40, 46–47
HKLM (HKEY_LOCAL_MACHINE) entries, registry
default permissions for, 242
definition of, 228, 229, 230–231
high-risk entries in, 244–246
malware using, 34, 35–46, 47–49
HKU (HKEY_USERS) entries, registry
default permissions for, 242
definition of, 228, 229, 236
.hlp files, 197
Honeynet Project, botnets tracked by, 13
host-based defense, 55–56
host-based firewall, 65–68, 439
HOSTS file, 24
Hotbar adware, 46
.ht files, 197
.hta files, 191, 197, 248
.htm files, 197
.html files, 197
HTML files, 197, 199, 248
HTML links, malicious, 7–8
.htt files, 198
HTTP requests, IIS driver for, 421–422
HTTP SSL service, 272
HTTPS, running on non-default ports, 76
Http.sys driver, IIS, 421–422
human analysis, anti-spam software using, 413
Human Interface Device Access service, 272
hybrid dictionary attacks, 145–146, 173
Hyperterminal files, 197