P


pagefile, creating, 498

Pakistani Brain virus, 5

partitions, in Active Directory, 525

passfilt.dll file, 144

Passport Authentication, IIS, 430, 432, 433

password attacks

on cached credentials, 176–177

commonly-used password lists for, 146

with Credential Manager, 179–181

defending against, 183–187

on domain computer accounts, 177–179

island hopping, 183

LM hash algorithm and, 149

NT hash algorithm and, 149

password capturing, 165–166

password guessing, 163–165, 171–175

password resetting, 160–163

with physical access, 18

on RDP connection objects, 181

password capturing, 165–166

password cracking

birthday attacks, 173

brute-force attacks, 171–172

definition of, 166

dictionary-based, 144, 145–146, 172–173

hybrid dictionary attacks, 145–146, 173

LC5 program, 174–175

LCP program, 175

password hashes, extracting, 166–168

programs for, finding, 175

rainbow tables, 173–174

share password attacks, 169

sniffing authentication traffic, 168–171

password files, 200

password guessing, 163–165, 171–175

Password List reader, 181

password logging trojans, 165

Password Reset Diskette, 182

password resetting, 160–163

passwords

alternatives to, 187

auditing, 187

for BIOS, 71

boot-up passwords, 71

changing frequently, 186

commonly used, 146

complexity requirements for, 144–146, 184

default passwords, 146

definition of, 141

expiration warning for, 506

group policy settings for, 492–493

hashes for

challenge-response mechanism for, 152

definition of, 146–147

extracting, 166–168

LM algorithm for, 147–148

not salted, effects of, 150

NT algorithm for, 147–148, 149

protected during authentication, 152

Syskey protecting, 150–152

when applied, 147

for highly privileged accounts, 74

length requirements

guidelines for, 184

for strong passwords, 146

when complexity enabled, 144

machine account changes of, 504–505

multiple incorrect entries, lockout resulting from, 185–186

number of possible passwords, 141–142

random password generators, 187

resetting, EFS keys lost by, 464

for service accounts, 263

size of, 141–142

strong passwords, 146

studies regarding, 145

Unicode characters used in, 142–144

patch management document, Microsoft, 64

Patch, Microsoft (MSP), 489

patches

for high-risk files, 225

for IE (Internet Explorer), 367

installing, for IIS, 440–441

keeping up-to-date, 63–65

level of, 63

management tools for, 64–65

regression testing of, 64

for services, 293–294

as sign of attack, 10

Path exception rules, SRP, 223, 343

PATH locations, malware in, 29–30

payload damage attacks, 23

PC Anywhere program, 41

pcAnywhere autotransfer files, 194

PDC Emulator, FSMO role, 523

.pdc files, 200, 248

PDF ebook files, 197

PDF files, exploitations of, 52, 200

penetration tests, for IIS, 456

Perfect Forward Secrecy (PFS), 314–315

Performance Log Users group, 86, 108

Performance Logs and Alerts service, 275

Performance Monitor Users group, 86, 109

Perl script files, 200

permanent shared objects, creating, 498

permissions. See also NTFS permissions; Share permissions

for GPOs (group policy objects), 533–535

for IIS, 433–436

for registry, 241–243

setting on per-socket basis, 126

Petch trojan, 33, 41

PFS (Perfect Forward Secrecy), 314–315

pharming attacks, 18–19, 397, 418

phishing attacks. See also malware

definition of, 18–19

e-mail used for, 396–397

IE 7 features defending against, 348

prevalence of, 5–6

spearfishing, 396

URL spoofing used for, 354–357

phishing filter, IE settings for, 374, 377, 382–383

physical attacks

defending against, 70–71

definition of, 17, 56

physical security, IIS, 438

.pif files (Program Information Files), 191, 200, 248

pings, scanning for IP addresses using, 9

.pl files, 200

platforms, exploitations of, 52–53. See also Windows

Plug and Play service, 275

plug-in exploits, IE, 364–365

.png files, 200, 248

.pol files, 200, 248

PolicyMaker (Desktop Standard), 224, 346

POP3 service, Microsoft Exchange, 285

Popdis Trojan, 47

pop-up blocker, IE settings for, 374, 377

Portable Media Serial Number Service, 275

ports

firewall ports for IPSec, 318–319

services, running on non-default ports, 6–7, 75–76

Postini security service provider, 57, 70

.pot files, 200

.pothtml files, 200

Power Users group

definition of, 109

protecting, 74

removed in Windows Vista, 76, 87

SID for, 86, 87

PowerPoint files, 200

.ppa files, 200

.ppt files, 200

Ppt11.adm template, 516

.ppthtml files, 200

preEmpt product (Pivx), 387

pre-shared key (PSK), 309

Pre-Windows 2000 Compatibility Access group, 86, 113, 116

Pre-Windows 2000 group, 109–110

.prf files, 200

principal. See security principal

Print Operators group, 86, 110

Print Server for Macintosh service, 286

Print Spooler service, 276

printer drivers, security options for, 503

privileges

password protections for highly privileged accounts, 186–187

renaming highly privileged accounts, 73–75, 186

running software with decreased privileges, 63

running software with escalated privileges

RunAs feature, 59–63, 114

third-party applications for, 62

for users, 58–63, 218–219

processes

accounts that can start, specifying, 501

memory quota of, policy settings for, 497

profiling, 501

worker processes, IIS, 422–425

Profile Assistant, IE, 382

Program Files folder, 132

Program Information Files (.pif files), 191, 200, 248

program overlay files, 199

programs. See executable files; software

Protected Storage service, 276

protocol in URL. See URL monikers

Proxy SID, 85

Psgetsid utility (Sysinternals), 87, 89

PSK (pre-shared key), 309

.pst files, 200

Pub11.adm template, 516

publications

about anti-phishing and anti-spoofing, 357

Certificate Auto-enrollment in Windows XP, 478

about cross-site scripting, 357

about EFS, 478

EFS article (Russinovich), 478

Encrypting File System in Windows XP and Windows Server 2003, 478

"Follow the Bouncing Malware" article, 19

"The Great Password Debates: Pass Phrases vs. Passwords" (Microsoft), 145

Key Archival and Management in Windows Server 2003, 478

Microsoft's Windows Server 2003 PKI Certificate Security, 309

Offline EFS, 468

security guides, 289

Windows Data Protection, 478

Windows Server 2003 Security Infrastructures (De Clercq), 86

Pwdump program, 166–168

PWL files, 181, 200

Pwl Tools, 181

Pwservice.exe program, 166

.py files, 200



Professional Windows Desktop and Server Hardening
Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
Year: 2004
Pages: 122
