index_D | Penetration Testing and Network Defense

< Day Day Up >

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

D.A.D. (disclosure, alteration, and destruction) attacks
D.I.S.C. profile
data dictionary
database attacks
     detecting
     tools for performing
databases
     Microsoft SQL Server
         querying
         structure of
     MySQL
     Oracle
     protecting against attacks
     RDBMSs
         vulnerabilities, testing
     susceptibility to attacks
Datapool
DAWN Security Systems, fictitious penetration test of LCN
     covering tracks
     follow-up
     gaining access 2nd 3rd
     information gathering 2nd
     maintaining access
     planning the attack
     sample report
     scanning and enumeration
DDoS (Distributed Denial of Service) attacks
DDoSPing tool
default SSIDs as security risk
defending against social engineering attacks
defining scope of testing 2nd
detecting
     backdoor applications
     brute force attacks 2nd
     database attacks
     directory traversals
     DoS attacks
         with appliance firewalls
         with host-based IDSs
         with signature-based network IDSs 2nd
     password-cracking attacks
         from physical access
         within system log files
     scans
     server attacks
     session hijacking
         with Cisco IDS 4200 series sensors 2nd
         with packet sniffers
     Trojans applications
     web attacks
         directory traversals
     Whisker attacks
    wireless network attacks
         DoS attacks
         MAC address spoofing
         on unprotected WLANs
         rogue APs
         unallocated MAC addresses
devices 2nd
     routers, testing for vulnerabilities
     switches
         testing for vulnerabilities
DHTML (Dynamic HTML)
DilDog
dipole antennas
directory traversals, detecting
disabling unnecessary router services
disaster recovery policies
discovering firewall configurations
     through firewalking
     with ACK scan
DMZ (demilitarized zone), securing network architecture
documentation
     Appendixes
     Executive Summary 2nd
         sample
     Project Scope
     Results Analysis
domain model
dominant behavior classification (D.I.S.C.)
Donald Dick
DoS (denial of service) attacks 2nd
     case study
     DDoS
     detecting
         with appliance firewalls
         with host-based IDSs
         with signature-based network IDSs
     detecting on wireless networks
     Fraggle attacks
     LAND attacks
     Ping of Death
     preventing
         through application hardening
         through network hardening
     protocol exceptions
     Smurf attacks
     SYN floods
     tools for executing 2nd
         Datapool
         Hgod
         Jolt2
downloading websites for offline viewing
DSSS (Direct Sequence Spread Spectrum)
DStumbler
DTD (Document Type Definition)
dumb scans
dumpster diving
     obtaining company information

< Day Day Up >