index_S

Previous page
Table of content
Next page
 < Day Day Up >   


Index


[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

SAINT (Security Administrators Integrated Network Tool)
salts
SAM file
sample databases on Microsoft SQL Server
sample Executive Summary
sample penetration test report
SamSpade
Sanfilippo, Salvatore
Sapphire worm
SARA (Security Auditor's Research Assistant)
Sarbanes-Oxley Act
Sasser worm 2nd
scan detecting
     examples
         FIN scans
         NULL scans
         OS guessing scans
         SYN scans
         TCP Connect() scans
         Xmas tree scans
scanners
scanning stage of attacks
scope of testing, defining 2nd
script-kiddies
scripting languages
     ASP
     JavaScript
     JScript
     Perl
     PHP
     VBScript
securing
     firewalls
     network architecture
     operating system
     routers
    web server applications
         Apache
         IIS
     website design
security policies
     authorship
     backup policies
     cost of protecting assets, calculating
     creating
     disaster recovery policies
     e-mail policies
     gaining company acceptance
     Internet policies
     password policies
     physical access policies
     remote access policies
     required topics
     threats to assets, identifying
     trust model
     types of
selecting penetration testing vendor
semi-directional antennas
server attacks
     detecting
     preventing
server penetration, tools for performing
server-based Java
servers, honeypots
service accounts, on Microsoft SQL Server
session hijacking 2nd
     ACK storms
     blind spoofing
     case study 2nd
     detecting
         with packet sniffers
     detecting with Cisco IDS 2nd
     Kevin Mitnick's attack on Tsutomu Shimomura's computer 2nd
     monitoring with Ethereal 2nd
     nonblind spoofing
     protecting against
     TCP sequence prediction
     TTY-Watcher
     utilities
         Hunt
         Juggernaut
         T-Sight
     watching
session replays versus session hijacking
Shimomura, Tsutomu
shoveling remote shells
showcode.asp
signature-based IDSs, evading
     detecting DoS attacks
signatures, detecting session hijacking 2nd 3rd
similarity-based persuasion
Simon, William
simplex connection hijacking
single-server e-commerce architecture
Site Security Handbook
Slammer worm
SMBdie
Smith, David
Smurf amplifiers
Smurf attacks
Snadboy Revelation
social engineering 2nd 3rd
     behavioral profiling
     case study
     customers, impersonating
     defending against
     e-mail impersonation
     employees, impersonating
     end-users, impersonating
     human-based
    persuasion, types of
         authority-based persuasion
         conformity persuasion
         information-based persuasion
         logic persuasion
         need-based persuasion
         reciprocation-based persuasion
         similarity-based persuasion
     RSE
     tech support
     technology-based
     third parties, impersonating
    traits necessary for
         confidence
         patience
         possessing inside knowledge
         trust
     user group meetings
     web page spoofing
     wetware
     witness consultants as coaches
sockets
software, open source
    witness consultants as coaches
         characteristics of
SOX (Sarbanes-Oxley) Act
spacefiller viruses
SPAN (Switched Port Analyzer)
special-purpose application registers
Spendor Datapool
spoofed e-mail messages
SQL (Structured Query Language)
     brute force server attacks, case study 2nd
     commands
     master database
    servers
         brute force attacks, detecting
         system stored procedures
SQL injection 2nd
     testing vulnerability to
SQL Slammer worm 2nd
SQLPing2
SSIDs (service set identifiers)
SSL infinite loops
stack fingerprinting
stack smashing exploit
stacks
     non-executable, preventing buffer overflows
stages of attacks
     erasing evidence
     maintaining access
     obtaining access
     reconnaissance
     scanning
standards for wireless networks, enforcing
stored procedures 2nd
     extended
STP (Spanning Tree Protocol)
     hardening switches against attacks
     testing switches for vulnerabilities
structure
     of Microsoft SQL Servers
     of MySQL databases
     of Oracle databases
StumbVerter
SubSeven 2nd 3rd 4th
superusers, assigning permissions to
susceptibility of databases to attack
switches
     ARP attacks, hardening against
     MAC table flooding attacks, hardening against
     NMAP
     STP attacks, hardening against
     testing for vulnerabilities
         via ARP attacks
         via MAC table flooding
         via STP
         via VLAN hopping
         via VTP attacks
     VLAN hopping
     VTP attacks, hardening against
symptoms of session hijacking
SYN floods 2nd
SYN scans
system log files, detecting password-cracking attacks
system stored procedures
system tablespace
sysxlogins

 < Day Day Up >   

Previous page
Table of content
Next page
Penetration Testing and Network Defense
Penetration Testing and Network Defense
ISBN: 1587052083
EAN: 2147483647
Year: 2005
Pages: 209
Authors: Andrew Whitaker, Daniel Newman
BUY ON AMAZON
OpenSSH: A Survival Guide for Secure Shell Handling (Version 1.0)
Inside Network Security Assessment: Guarding Your IT Infrastructure
Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
Visual Studio Tools for Office(c) Using C# with Excel, Word, Outlook, and InfoPath
DNS & BIND Cookbook
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy