NAT (NetBIOS Auditing Tool), 99-100, 146-147
NAT (Network Address Translation), 205
NBMA (Non-Broadcast Multi-Access), 398
NBNS (NetBIOS Name Service), 92-96, 142
nc.exe file, 193, 198-199
NCP (Netware Core Protocol), 123. See also Netware
.NET Framework (.NET FX), 204-205
net use command, 143-144, 146, 168
net view command, 93-94, 97
NetBIOS
disabling, 149-151
enumeration, 92-111, 154
file sharing, 137
Mac systems, 137
names , 154, 376, 490
SMB and, 142, 490
NetBIOS Auditing Tool (NAT), 99-100, 146-147
NetBIOS Name Service (NBNS), 92-96, 142
NetBIOS Name Table, 94-96
NetBIOS over TCP/IP (NBT), 149-150
NetBIOS service codes, 95
NetBIOS Session Service, 142-143, 149-150
NetBIOS sessions, 96-111, 142-143, 149-150
netcat (nc) utility
back doors, 176-187
banner grabbing , 79-81
creating back channels, 234
+.htr vulnerability, 165, 171
port scanning, 55-56, 66, 476, 478
remote shell access, 176-187
NetDDE (Network Dynamic Exchange) service, 174
Netscape Communicator
cookies and, 580
disabling Java, 579-580
Java bugs , 84
SSL fraud and, 584
netstat command, 196, 504
NetStumbler tool, 408, 416-418, 441
NetWare Core Protocol (NCP), 123
NetWare Directory Service. See NDS
Network Address Translation (NAT), 205
network devices, 351-405
common TCP/UDP ports, 361
default passwords, 360
detecting Layer 2 media, 368-369
discovering, 352-356
operating system identification, 363-364
ports, 360-363
profiling, 353-356
service detection, 360-365
SNMP and, 387, 390
switch sniffing, 369-381
vulnerabilities, 351-405
Network Dynamic Exchange (NetDDE) service, 174
Network File System (NFS), 133, 238, 242-247
Network Information System (NIS), 238
network interface card (NIC), 214, 260, 280-281
network intrusion detection system. See NIDS
Network Neighborhood, 123-127, 144
Network News Transfer Protocol (NNTP), 165-167, 172
Network Solutions, Inc. (NSI), 32, 359
network traffic filters, 202-203, 505
networks
described, 352
eavesdropping countermeasures, 383
enumeration. See enumeration
Ethernet, 280, 367-368
hardening, 500-501
ingress filtering, 168
IPX, 123-127
malware and, 503, 634-646
Network Neighborhood, 123-127
passwords and, 345-346
ping sweeps , 42-50
reconnaissance, 37-40
SCADA, 489
sniffing. See sniffers
switched, 159
unplugging cable to, 642
wireless. See wireless networks
zombie, 488-489, 494-497
newsgroups
BGP, 403
network security, 403
public, 359
routing information, 403
social engineering and, 16-18
Newsham, Tim, 416, 427-428, 448-449, 517
NFS (Network File System), 133, 238, 242-247
NIC (network interface card), 214, 260, 280-281
NIDS (network intrusion detection system), 39
NIS (Network Information System), 130-131, 238, 524
nmap (network mapper) utility
described, 46
firewall scanning, 470-472
FTP bounce scans , 58-59
Mac systems, 136-138
OS detection, 69, 71-72
ping sweeping, 43-44, 46-47
port scanning, 56-59, 66, 134, 360, 476
RPC enumeration and, 129
service detection, 360-363
NNTP (Network News Transfer Protocol), 165-167, 172
Non-Broadcast Multi-Access (NBMA), 398
Northern Telcom PBX system, 326-327
Norton Antivirus program, 636
Novell Client32 connections, 124
Novell Directory Services. See NDS
Novell NetWare, 123-127. See also NetWare
Novell servers
anonymous attachments to, 123
viewing, 125-127
NSI (Network Solutions, Inc.), 359
NT hashes, 158-161, 176-178, 182
NT platform. See Windows NT platform
NTFS (NT File System), 171
NTFS file streams, 198-199
NTI (New Technologies International), 643
NTLM algorithm, 160-161, 178, 180-181
NTLM authentication, 545, 548, 556-557
NTLM Authorization Proxy Server (APS), 556-557
null route command, 362-363
null sessions
blocking, 107-108, 150-151
countermeasures, 106-111
enumeration, 96-111, 150-151
SMB and, 97