Flylib.com
List of Code Examples
Chapter 1: Introduction to Intrusion Detection
Example 1.1. Transmission of the Password File as a Part of LOK12 Attack
Example 1.2. Detecting LOK12 Attack (TCPdump Log-File Fragment)
Example 1.3. Providing Remote Clients Access to Local Servers by the Telnet
Example 1.4. Remote Attack with the FTP Protocol (for the IPCHAINS Firewall)
Chapter 4: The Three Basic Principles of Intrusion Detection
Example 4.1. Port Scanning Implemented Using Haktek (TCPdump Log File)
Example 4.2. Port Scanning (-sT) Using Nmap (a Fragment of the TCPdump Log File)
Example 4.3. Port Scanning (-sS) Using Nmap (a Fragment of the TCPdump Log File)
Example 4.4. Port Scanning (-sU) Using Nmap (a Fragment of the TCPdump Log File)
Example 4.5. Detecting Host Scanning (a Fragment of the Check Point Firewall-1 Log File)
Example 4.6. Host Scanning (a Fragment of the TCPdump Log File)
Example 4.7. Detection of the SMURF and Fraggle Attacks (a Fragment of the Cisco Router Log File)
Example 4.8. Detecting Scanning for Vulnerable CGI Scripts (a Fragment of the WWW Server Log File)
Example 4.9. Detecting Requests to Vulnerable CGI Scripts Such as Test-cgi and Aglimpse (a Fragment of the Snort Log File)
Example 4.10. Detecting the Usage of Reserved Addresses
Example 4.11. Detecting the Usage of Reserved Addresses
Example 4.12. Land Attack (TCPdump Log File Fragment)
Example 4.13. Stealth Scanning Using SYN/ACK (Fragment of the TCPdump Log File)
Example 4.14. FIN Scanning (-sF) Using Nmap
Example 4.15. Xmas Scanning (-sX) Using Nmap (a Fragment of the TCPdump Log File)
Example 4.16. Null Scanning (-sN) Using Nmap
Example 4.17. Null Scanning Using Nmap
Example 4.18. FIN Scanning Using Nmap
Example 4.19. The "Christmas Tree Pattern" (Fragment from a Snort Log File)
Example 4.20. Detecting a Suspicious Situation (a Fragment of the Dragon Log File)
Example 4.21. OS Fingerprinting Using QueSO
Example 4.22. OS Fingerprinting Using QueSO (a Fragment of the TCPdump Log File)
Example 4.23. Using Reserved ECN Flags in the TCP Packet Header (a Fragment of the TCPdump Log File)
Example 4.24. Using Reserved ECN Flags in the TCP Header
Example 4.25. Detecting Suspicious Activity (a Fragment of the TCPdump Log File)
Example 4.26. Detecting a Ping of Death Attack (a Fragment of the TCPdump Log File)
Example 4.27. The Tiny Fragment Attack (a Fragment of the TCPdump Log File)
Example 4.28. Detecting the SubSeven Trojan (a Fragment of the Snort Log File)
Example 4.29. Detecting the SubSeven Trojan (a Fragment of the IPCHAINS Log File)
Example 4.30. Detecting the SubSeven Trojan (a Fragment of the Ascend SecureConnect 3.03 Log File)
Example 4.31. Detecting the SubSeven Trojan (a Fragment of the ZoneAlarm Log File)
Example 4.32. Detecting the SubSeven Trojan
Example 4.33. Detecting the SubSeven Trojan
Example 4.34. Detecting the SubSeven Trojan
Example 4.35. Detecting the Satans Trojan (a Fragment of the Snort Log File)
Example 4.36. Detecting the BackOrifice Trojan (a Fragment of the SHADOW Log File)
Example 4.37. Detecting the BackOrifice Trojan (a Fragment of the IPCHAINS Log File)
Example 4.38. Detecting the BackOrifice Trojan (a Fragment of the TCPdump Log File)
Example 4.39. Detecting the WinTrin00 Trojan (a Fragment of the Cisco Router Log File)
Example 4.40. Detecting the mstream Trojan
Example 4.41. Detecting the NetBus Trojan (the Output Produced by the Netstat -a Command)
Example 4.42. Detecting the NetBus Trojan
Example 4.43. Analysis of the Header Returned by the IMAP Service
Example 4.44. Examples of Security Messages Produced by Cisco Equipment
Example 4.45. A Fragment of the Check Point Firewall-1 Log File
Example 4.46. A Fragment of the Apache Log File (access_log)
Example 4.47. A Fragment of the Apache Log File (error_log)
Chapter 5: Detecting Attack Traces
Example 5.1. Exploiting the expn Vulnerability in Sendmail Implementation
Example 5.2. Failed Attempts to Log On to Windows NT 4.0 (Fragments of the Security Log File)
Chapter 9: Selecting an Intrusion Detection System
Listing 9.1. An Example of a Rule in P-BEST for Detecting Failed Logon Attempts
Listing 9.2. An Example of a Rule for Detecting a WinNuke Attack Written in N-Code
Listing 9.3. An Example of a Rule for Detecting a Land Attack Written in N-Code
Listing 9.4. An Example of a Rule for Detecting Attempts of Xmas Scanning Written in N-Code
Listing 9.5. Fragment of the Rule Describing the Land Attack Using Predefined Variables
Listing 9.6. An Example of a Rule Created Using the RUSSEL Language for Detection of Failed Login Attempts During the Specified Time Period
Listing 9.7. An Example of a SecureLogic Script
Listing 9.8. An Example of a Description of Hidden TCP Scanning Written in CASL
Listing 9.9. A Fragment of an NASL Script Describing a Check for Detecting Web Server Vulnerability
Listing 9.10. A Fragment of the NASL Script Describing the Check to Detect FTP-Server Vulnerability
Listing 9.11. An Example of a Rule Written in VDL That Detects the Presence of the Telnet Service
Listing 9.12. An Example of a Rule Written in VDL That Detects the Presence of the SuperApp Application
Listing 9.13. A Fragment of the TCPdump Log File
Listing 9.14. A Fragment of the Apache Web Server Log File Named access_log
Listing 9.15. A Fragment of the SecurityEvent Log File of a Windows NT-Based Operating System
Listing 9.16. A Fragment of the Cisco IDS 4200 Log File
Listing 9.17. A Fragment of the Snort Log File
Listing 9.18. An Example of a Script Written Using the Expect Language to Reconfigure Cisco Routers
Chapter 11: Using Intrusion Detection Systems
Example 11.1. Automation of the Security Scanning Process and Report Creation (in Internet Scanner for Windows NT)
Example 11.2. Using the AT Scheduler (Windows NT)
Chapter 12: Common IDS Problems
Example 12.1. An Example Illustrating the Malicious Usage of JavaScript
Chapter 13: Standardization in the Field of Intrusion Detection
Example 13.1. An Example Illustrating the Use of CISL for Describing Rules for Deleting the /etc/passwd File
Protect Your Information with Intrusion Detection (Power)
ISBN: 1931769117
EAN: 2147483647
Year: 2001
Pages: 152
Authors: A. Lukatsky, Alex Lukatsky
flylib.com © 2008-2017.