M | Professional Windows Desktop and Server Hardening (Programmer to Programmer)

Machine Debug Manager Service, 284

macro viruses, 391

.mad files, 199

.maf files, 199

.mag files, 199

mail server directory harvesting, 395

MakeMeAdmin application, 62

malware. See also trojans; viruses; worms

defeating, inability to, 52

definition of, 4

as highest security threat, 4–5, 53

locations of

ActiveX controls, 29

application files, 20–21

folders, 28–29

hidden files, 30

LSP software, 72–73

PATH locations, 29–30

preventing access to, 57

registry, 32–49

restored files, 30

scheduled tasks, 32

specific files, 21–27

Trusted Publishers, 31

unusual file or folder names, 31–32

URL Monikers, 32

prevalence of, 4–7

spam

definition of, 18–19

methods used by spammers, 394–396

motivation of spammers, 393–394

spam bots, 5, 395, 409, 419

speed of infection by, 5

spyware, 6, 18–19, 70

statistics regarding, 5–7

trends in, 19–20

types of, 11–14

.mam files, 199

Management service, Microsoft Exchange, 285

man-in-the-middle (MitM) attacks, 16–17, 322

.maq files, 199

.mar files, 199

.mas files, 199

master hackers, 11

.mat files, 199

.mav files, 199

.maw files, 199

MBSA (Microsoft Baseline Security Analyzer), 65

McAfee Personal firewall, 68

.mda files, 199

.mdb files, 199

.mdbhtml files, 199

.mde files, 199

.mdn files, 199

.mdt files, 199

.mdx files, 199

memory

locking pages in, 500

quota for processes, 497

message analysis, anti-spam software using, 411–413

Message Queuing Down Level Clients Service, 285

Message Queuing, IIS, 444

Message Queuing Service, 285

Message Queuing Triggers Service, 285

MessageLabs security service provider, 5, 57, 70, 392

Messenger service, 273

metabase file, IIS, 427–428

.mhtm files, 199

.mhtml files, 199

Microsoft Access, file vulnerabilities in, 193, 199

Microsoft Baseline Security Analyzer (MBSA), 65

Microsoft cabinet archive files, 194

Microsoft Certificate Services. See Certificate Services

Microsoft Document Template files, 196

Microsoft Exchange

file blocking mechanisms in, 399–401

services, 285

Microsoft Help files, 197

Microsoft IIS 6 Technet Resources, 456

Microsoft Installer Files (MSI), 489

Microsoft Installer package files, 199

Microsoft Interactive Training files, 194

Microsoft Internet Explorer. See IE (Internet Explorer)

Microsoft network client, security options for, 506–508

Microsoft Office, Administrative templates for, 516

Microsoft Outlook. See Outlook

Microsoft Outlook Express. See Outlook Express

Microsoft Patch (MSP), 489

Microsoft Powerpoint files, 200

Microsoft Search service, 274

Microsoft Shell Command files, 199

Microsoft Update, 65

Microsoft Word. See Word

Microsoft/MS Software Shadow Copy Provider service, 274

Microsoft's anti-spyware software, 70

Microsoft's patch management document, 64

Microsoft's Ten Immutable Laws of Security, 7

Microsoft's Windows Server 2003 PKI Certificate Security, 309

.mim files, 199

MIME files

type mismatches, 214, 363

vulnerabilities of, 199

misconfiguration weaknesses, 9, 16

MitM (man-in-the-middle) attacks, 16–17, 322

.mmf files, 199

Modify permission, 123, 126

monikers, URL

definition of, 353

malware using, 32

Mozilla browser, 350, 351

MS-Blaster worm, 14, 56

Msdos.sys file, 25

.msg files, 199

Msgina.dll program, 159

.msh files, 199

Mshtml.dll file, 352

.msi files, 199

MSI (Microsoft Installer Files), 489

Ms-its URI handler, 250

MSMQ HTTP Support, for IIS, 446

.msp files, 199

MSP (Microsoft Patch), 489

Msrating.dll file, 352

MSSQL$UDDI Service, 285

MSSQLServerAD Helper Service, 286

.mst files, 199

MST (Transform Files), 489

MSV1_0 authentication package, 159

MTA Stacks service, Microsoft Exchange, 285

My Computer zone, IE, 358–359