| < Day Day Up > |
|
Sabin, Todd, 234-235
Safeback utility, 627-637, 649
SAM database, 234
SAM files, 229-230
Samba, 112-115
SATAN tool, 107
scan signatures, 176-177
ScanLine tool, 101-104. See also FScan tool
scanners
FScan tool, 160, 162
Internet Security Scanner (ISS), 333-341
IpEye, 100-101
Nessus security scanner, 302-318, 358-359
netcat. See Netcat
NetScanTools, 90-94
nikto, 170-177
nmap. See nmap utility
port. See port scanning
Retina application, 327-332
ScanLine tool, 101-104
STAT Scanner, 318-327, 359-360
Stealth tool, 178-183
SuperScan tool, 94-100
Tripwire tool, 342-358
udp_scan utility, 107-109
vulnerability. See vulnerability scans
Whisker tool, 170
Windows UDP Port Scanner, 106-107
scans
ACK, 68-69
FIN, 68
hiding, 70-73
for hosts, 66-69
Idle, 72
null, 68
port. See port scanning
RPC, 66-67, 85-86
signature, 176-177
stealth, 82
SYN, 67, 69, 73, 82
for TCP ports, 66-69
TCP reverse ident scanning, 74-75
timing of, 73-74
UDP, 69-70, 101-107
vulnerability. See vulnerability scans
Xmas tree, 68
script command, 654-657
scripts
CGI, 509
cygwin.bat, 53
install.sh, 342-343
NASL, 303
Netcat, 25
Perl. See Perl scripts
Python scripts, 247-251, 297
Secure Packet Shield (SPS), 70
Secure Shell. See SSH
Secure Sockets Layer. See SSL
security
GAPING_SECURITY_HOLE option, 5-7
hosts and, 450-451
Internet Security Scanner, 333-341
Local Security Authority, 144, 235
Local Security Policy, 210
passwords. See passwords
remote access, 549-550
Rough Auditing Tool for Security, 295-299
tools on CD-ROM, 792-793
Windows platform, 210
Security Identifier (SID), 148-149
security log, 591-592
sed tool, 58
sequence numbers, 110
Serial Line Internet Protocol (SLIP), 468
Server Message Block. See SMB
servers
Apache, 15-16, 219
BIND, 419-420
BO2k, 265-268
DNS. See DNS servers
FTP, 70-72, 105, 292-293
HTTPS, 188
IIS, 150, 163-164
Linux, 286-287
name, 413, 417
Netbus, 263-264
NFS, 117-118
RADIUS, 19-20
remote, 158-159
SMTP, 450
SSH, 23-24, 33-34
SSL, 187
Sub7, 270-275
telnet, 5, 15, 74
TFTP, 12
Tripwire Server, 352
UDP, 16
VNC, 255-260
web. See web servers
whois, 412-416
X servers, 28-30
service set identifier (SSID), 514-517, 526-527
services
hijacking, 18-20
manipulating, 150-152
problematic, 449-451
PsService, 150-152
RPC, 66-67
Terminal Services, 147
troubleshooting, 449-451
UDP, 16-17
viewing, 150-152
sfind tool, 594
shared resources, 113
shares
ADMIN$, 158
connections to, 129
IPC$, 113-114, 128, 132-140, 146
NULL, 142
passwords, 113
revealing, 142-143
Windows, 131-133
shells
DOS, 9-11
Netcat and, 9-12
remote access to, 9-12
virtual, 279-282
showmount command, 117-118
SID (Security Identifier), 148-149
SID requests, 149
SIDs (system IDs), 138
siggen utility, 346
signatures, 176-177
Simple Network Management Protocol. See SNMP service
simple source auditing tools, 289-300
skip switch, 657
slash (/), 754
SLIP (Serial Line Internet Protocol), 468
SMB (Server Message Block), 112-115, 128
smbclient command, 112-114, 128
smbmount command, 113
SMTP servers, 450
smurfing, 422-423
SnapBack DatArrest utility, 637-641, 649
Sneaky time policy, 73
sniffers, 453-511
BUTTSniffer, 455-465, 475
case study, 487-489
described, 454
dsniff program, 489-496
encryption and, 455
Ethereal program, 478-489
ettercap, 496-499
legitimate uses of, 487-489
overview, 454-455
passwords, 287, 459-460, 464
snort program, 499-508
SSH and, 455
tcpdump. See tcpdump program
WinDump tool, 465-478
sniffing attacks, 147, 497-498
SNMP service, 566
snort plug-ins, 505-508
snort program, 499-508
social engineering
example of, 121-123
system access, 121-123
whois information, 412-416
Solaris platform
passwords, 219
system hardening, 247
SonicWALL firewalls, 405-408
source drives, 626-627
source ports, 449-450
source routing, 17-18, 422
span ports, 560
spidering web sites, 184
spoofing
arpspoof, 489-490
dnsspoof tool, 490-491
IP addresses, 17-18
MAC addresses, 489-490
packets, 285
SPS (Secure Packet Shield), 70
SSH (Secure Shell)
banner identification and, 104
datapipe tool and, 441
passwords and, 268
sniffers and, 455
as Telnet replacement, 104
tunneling X traffic through, 33-34
vs. rhosts, 119
SSH clients, 33-34
SSH connections, 104
SSH servers, 23-24, 33-34
SSH sessions, 474
SSH traffic, 474
SSH tunnels, 33-35
SSH X forwarding, 34
sshd daemons, 438
sshd tool, 58
sshmitm tool, 494
SSID (service set identifier), 514-517, 526-527
SSL (Secure Sockets Layer), 455
SSL connections, 183, 187-191
SSL conversions, 191
SSL encryption, 192-193
SSL port, 187
SSL proxy, 188-189
SSL server, 187
stack tools, 551-568
Stackguard, 299-300
startx, 35
STAT Analyzer, 318
STAT Neutralizer, 318
STAT Scanner, 318-327, 359-360
Staubs, Phil, 235
stcpshell tool, 279-282
Stealth report, 180
stealth scans, 82
Stealth tool, 178-183
stop points, 350
strace tool, 58
streaming files, 594
strict routing, 17
strings tool, 58
stunnel, 191-194
Sub7 server, 270-275
SubSeven tool, 287
SUID files, 702
SUID program, 702
SUN-DES-1 protocol, 32-33
SuperScan tool, 94-100
switched networks, 455
switches
/a, 587
/p, 580
/s, 587
/t, 587
count, 657
skip, 657
SYN/ACK packets, 66-67
SYN flag, 65, 69, 433, 474-478
SYN packets, 66, 68, 433-434
SYN scans, 67, 69, 73, 82
SysKey encryption, 234
syslog, 16
syslogd, 16-17
system access. See access
system hardening, 244
system IDs (SIDs), 138
| < Day Day Up > |
|