index_S | Network Security Assessment: Know Your Network

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]

Sabin, Todd
sadmind service
    vulnerability
Sam Spade Windows client 2nd 3rd 4th
Samba
SAMR interface
save_config command (TNS Listener)
saved frame pointer overwrite
saved instruction pointer overwrite
scanning
    ACK flag probe 2nd
    connect( ) port
    dumb
    for vulnerabilities
    FTP bounce
    half-open SYN flag
    idle
    inverse TCP flag
    IP ID header
    IP network
    proxy bounce
    sniffer-based spoofed
    spoofed TCP
    stealth TCP
    SYN
    TCP port
        inverse
        third-party
    third-party port
    UDP port 2nd
    vanilla port
scanning tools
    commercial
        Cisco Secure Scanner
        Core IMPACT
        ISS Internet Scanner
    free
        Nessus utility
        nmap utility
        NSAT utility
        SuperScan utility
scanrand utility 2nd
scanudp utility
Schiffman, Mike 2nd
screenshots of specific open windows
script kiddies
search engines
Secunia web site
Secure Shell [See SSH]
SecuRemote or SecureClient software
Security Accounts Manager (SAM) database
Security Association (SA)
security events and conferences
security management effectiveness
SecurityFocus
    BID 646
segmentation fault
SELECT query
Send ICMP Nasty Garbage (SING)
Sendmail
    enumerating users through firewall with SMTP proxy
    EXPN command
    obtaining version using Help
    RCPT TO:
    security recommendations
    service assessment
    services protected by firewall
    user enumeration
    VRFY command
    vulnerabilities 2nd 3rd
sendmail system( ) command manipulation
SensePost
Server Message Block (SMB) 2nd
services command (TNS Listener)
session analysis tools
shack exploit
shell port
showmount
SIG overflow
Simple Network Management Protocol [See SNMP]
SKEY authentication mechanisms
SMB (Server Message Block)
SMB Auditing Tool (SMB-AT)
SMB-AT utility
smbbf utility
SMBCrack utility 2nd
smbdumpusers utility
SMBRelay
SMPT (Simple Mail Transfer Protocol)
    open relay testing
    probing
    relay servers
        anti-virus circumvention
    service assessment
    service fingerprinting
smtpmap utility
smtpscan utility
sniffer-based spoofed scanning
sniffing
    attacks
    interface IP addresses
SNMP (Simple Network Management Protocol)
    community strings
    compromising devices by reading from
    compromising devices by writing to
    OID values
    service vulnerabilities
    vulnerabilities
SNMP Management Information Base [See MIB data]
snmpwalk utility
snmpXdmid service
    RPC service vulnerability
social engineering
Soft Project web site
software vulnerabilities
Solaris
    globbing issues
    mail server
        security recommendations
        vulnerabilities
    version 8 accessible services vulnerabilities
    versions 2.5 through 2.7 exploits
Song, Dug 2nd
source ports, using specific
source routing
    loose
    vulnerabilities
source routing testing
sp_makewebtask procedure
SPIKE Proxy
SPIKE utility
spoofed TCP scanning
spoofing attacks
spoofscan utility
SQL Auditing Tool (SQLAT)
SQL Server
    brute-force utilities
    buffer overflow vulnerabilities
    command injection
    transport protocols
    tutorial
SQL Server Resolution Service (SSRS)
sqlbf utility
sqlping utility
SSH (Secure Shell)
    brute-force password grinding
    fingerprinting
    service assessment
    service banner
        grabbing using telnet
    service fingerprints, common
    vulnerabilities
SSH Communications
ssh port
SSH1 CRC32 compensation vulnerability
SSL
    web service
SSRS (SQL Server Resolution Service)
stack (runtime memory)
stack frame
    pointer
    variables
stack off-by-one [See off-by-one]
stack overflows 2nd
stack pointer
stack smash
stacks
    overwriting any word on
    reading adjacent items on
    reading data from any address on
standard scanning methods
statd service
static overflows
status (rpc.statd)
status command (TNS Listener)
stealth TCP scanning methods
stop command (TNS Listener)
stored procedures, calling
Strict Source and Route Record (SSRR)
stunnel utility 2nd
    identifying web services using
subnet broadcast addresses, identifying
SummerCon web site
Sun Solstice AdminSuite daemon (sadmind) vulnerability
SuperScan utility 2nd
Syn Ack Labs
SYN port scan
SYN probe packet
SYN/ACK packet
synlogger
Sys-Security Group
systat services
system commands, running arbitrary
System V-derived /bin/login static overflow exploits