Index[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Z] SA (security associations) 2nd 3rd SAD (security association databases) 2nd 3rd salt, defining Samhain file integrity checker utility SandStorm Enterprises PhoneSweep wardialing 2nd SANS Institute Computer Security Incident Handling Step by Step [ITAL] SANS ISC (Internet Storm Center) IP address probes, tracking 2nd SANS Top 20 Vulnerabilities list satellite-based network performance case study 2nd scanners fping utility Nmap network security assessments 2nd version scans 2nd pinger utility SuperScan 2nd vulnerability 2nd eEye Security Retina 2nd GFI LANguard Network Security Scanner 2nd 3rd 4th ISS Internet scanner 2nd 3rd 4th limiting tests Nessus 2nd 3rd 4th 5th Nessus, NASL 2nd Nessus, plug-ins 2nd scanning software perimeter configuration changes 2nd scope (security policies) scope, determining (network security assessments) assessment logistics assessment technique risk levels documentation screened subnet networks access lists examples of 2nd 3rd 4th 5th 6th 7th screened subnets bastion hosts defining defining 2nd DNS servers 2nd script kiddies [See also Nimda worms] credit card exploits secure perimeter design 2nd SDN (Self-Defending Networks) 2nd 3rd 4th NAC 2nd 3rd 4th search engines inurl search extensions Link search extensions 2nd Google hacking johnn.ihackstuff.com website network security assessments 2nd searches keyword (network log analysis) network log file data 2nd second opinions (troubleshooting rules) secretkeys Secure Cache Against Pollution check box (Windows 2000) secure perimeter design attacker type, determining determined insiders 2nd determined outsiders 2nd 3rd script kiddies 2nd worms 2nd 3rd business requirements, determining business-related services 2nd cost 2nd 3rd fault tolerance fault tolerance, geographic redundancy 2nd fault tolerance, intrasite redundancy 2nd 3rd 4th 5th fault tolerance, intrasystem redundancy 
performance 2nd performance, detailed logs 2nd performance, encryption 2nd performance, inline security devices case studies complex e-commerce business sites 2nd complex e-commerce business sites, DMZ 2nd 3rd 4th complex e-commerce business sites, internal networks 2nd complex e-commerce business sites, Internet 2nd 3rd complex e-commerce business sites, proxy layers 2nd 3rd complex e-commerce business sites, security networks 2nd 3rd 4th small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th telecommuters using broadband connections 2nd 3rd 4th 5th 6th cost, determining 2nd design elements firewalls 2nd firewalls, access control 2nd firewalls, basic filtering 2nd firewalls, inline 2nd firewalls, ISP controlled routers 2nd firewalls, parallel 2nd 3rd firewalls, VPN interaction 2nd 3rd 4th 5th 6th routers 2nd 3rd 4th routers, access control 2nd routers, baic filtering 2nd routers, ISP controlled 2nd VPN, firewall interaction 2nd 3rd 4th 5th 6th network composition, determining potential threats, determining resource protection bridges 2nd 3rd copiers IP-based telephony systems modems 2nd PBX systems printers routers 2nd 3rd servers 2nd switches 2nd 3rd voice mail systems workstations 2nd securing routers auto securing 2nd security compromising (troubleshooting rules) VPN 2nd 3rd security advisories routers security association databases (SAD) 2nd 3rd security associations (SA) 2nd 3rd security auditing (IDS) security bulletins MS04-036 2nd security logs auditing UNIX 2nd 3rd Windows 2nd security networks complex e-commerce site case studies 2nd 3rd 4th security plans, developing attacker type, determining determined insiders 2nd determined outsiders 2nd 3rd script kiddies 2nd worms 2nd 3rd business requirements, determining business-related services 2nd cost 2nd 3rd fault tolerance fault tolerance, geographic redundancy 2nd fault tolerance, intrasite redundancy 2nd 3rd 4th 5th fault 
tolerance, intrasystem redundancy performance 2nd performance, detailed logs 2nd performance, encryption 2nd performance, inline security devices case studies complex e-commerce business sites 2nd complex e-commerce business sites, DMZ 2nd 3rd 4th complex e-commerce business sites, internal networks 2nd complex e-commerce business sites, Internet 2nd 3rd complex e-commerce business sites, proxy layers 2nd 3rd complex e-commerce business sites, security networks 2nd 3rd 4th small businesses with basic Internet presence 2nd 3rd 4th 5th 6th 7th small e-commerce business sites 2nd 3rd 4th 5th 6th 7th 8th 9th telecommuters using broadband connections 2nd 3rd 4th 5th 6th cost, determining 2nd design elements firewalls 2nd firewalls, access control 2nd firewalls, basic filtering 2nd firewalls, inline 2nd firewalls, ISP controlled routers 2nd firewalls, parallel 2nd 3rd firewalls, VPN interaction 2nd 3rd 4th 5th 6th routers 2nd 3rd 4th routers, access control 2nd routers, basic filtering 2nd routers, ISP controlled 2nd VPN, firewall interaction 2nd 3rd 4th 5th 6th network composition, determining potential threats, determining resource protection bridges 2nd 3rd copiers IP-based telephony systems modems 2nd PBX systems printers routers 2nd 3rd servers 2nd switches 2nd 3rd voice mail systems workstations 2nd security policies access 2nd administrative controls changing 2nd control defense in depth architecture, role in defining developing authority clarity communicating risks 2nd conciseness 2nd determining compliance expiration 2nd identifying risks realism scope specificity unwritten policies writing policies writing policies, determining corporate culture 2nd 3rd 4th 5th writing policies, developing policy tone firewalls as 2nd hallmarks of IDS 2nd implementing email handling 2nd incident handling 2nd presumption of privacy limited personal use policies unenforceable policies 2nd backdoors 2nd email 2nd 3rd Outlook (MS) 2nd sneaker net TCP Porrt 80 VLVHLP writing 2nd 
writing rule sets updating writing security policy databases (SPD) Security Rule Wizard (Windows XP) IPSec parameters, establishing 2nd 3rd opening security zones Corporate Servers zone, creating 2nd Corporate Workstations zone, creating multiple subnets, creating via 2nd 3rd 4th broadcast domains 2nd 3rd 4th 5th Public Servers zone, creating single subnets, creating via dedicated servers 2nd 3rd security zones within servers 2nd 3rd switches segmenting resources dialup connections 2nd LAN-connected desktops 2nd laptops 2nd mail relays 2nd configuring 2nd 3rd 4th justifying mail server separation 2nd security zones creating via multiple subnets 2nd 3rd 4th creating via multiple subnets, broadcast domains 2nd 3rd 4th 5th creating via single subnets creating via single subnets, dedicated servers 2nd 3rd creating via single subnets, security zones within servers 2nd 3rd Split DNS 2nd configuring 2nd 3rd 4th justifying VLAN firewalls 2nd private VLANs 2nd routers 2nd switches VLAN-hopping attacks 2nd VPN 2nd wireless systems 2nd 3rd segregating resources risk 2nd Self-Defending Networks (SDN) 2nd 3rd 4th NAC 2nd 3rd 4th sensors (IDS) deploying 2nd encrypted network traffic external networks 2nd firewalls 2nd high volume network traffic IDS management networks 2nd internal networks 2nd 3rd packet filters security maintenance 2nd spanning ports switches 2nd Sentivist (NFR) 2nd Sentry (LaBrea Technologies) 2nd separating resources LAN-connected desktops 2nd laptops 2nd 3rd 4th mail relays 2nd configuring 2nd 3rd 4th justifying mail server separation 2nd risk 2nd security zones creating via multiple subnets 2nd 3rd 4th creating via multiple subnets, broadcast domains 2nd 3rd 4th 5th creating via single subnets creating via single subnets, dedicated servers 2nd 3rd creating via single subnets, security zones within servers 2nd 3rd Split DNS 2nd configuring 2nd 3rd 4th justifying VLAN firewalls 2nd private VLANs 2nd routers 2nd switches VLAN-hopping attacks 2nd VPN 2nd 
wireless systems 2nd 3rd Server service (Windows) deactivating server-side ports TCP UDP servers cacheflow 2nd dedicated creating security zones 2nd 3rd dedicating disabling via routers 2nd DNS DMZ 2nd recursive queries screened subnets 2nd source port 53 queries Split DNS, configuring 2nd 3rd 4th Split DNS, justifying zone transfers extranet adversarial reviews, determining attacker access 2nd 3rd adversarial reviews, determining impact of misconfigurations/vulnerabilities 2nd rulebases firewalls IPSec packet-filtering 2nd PF 2nd 3rd 4th versus workstation firewalls 2nd HP Virtual Vault mkacct command IDS categories of deploying 2nd file integrity checkers 2nd file integrity checkers, AIDE file integrity checkers, Samhain file integrity checkers, Tripwire file integrity checkers, Tripwire Manager file integrity checkers, Winalysis log file monitoring utilities, Logcheck 2nd network connection monitoring utilities, BlackICE 2nd network connection monitoring utilities, PortSentry 2nd versus network IDS 2nd multiuser proxy [See also proxy caches] client awareness functions of initiators listeners public Web adversarial reviews, determining attacker access 2nd 3rd secure perimeter design 2nd security zones, creating 2nd 3rd sensitivity to attacks SSL proxy perimeter defenses uses of terminal client integration perimeter defenses server integration uses of 2nd VPN case studies 2nd 3rd Web adversarial reviews, determining impact of misconfigurations/vulnerabilities 2nd attacks on 2nd 3rd PUT attacks 2nd Web cache Squid Web Cache Proxy software service discovery (network service discovery) banner retrieval 2nd 3rd 4th Nmap 2nd system matrixes 2nd Telnet 2nd service password encryption command (routers) services intrusion detection distributed outsourced monitoring SGI IRIX system call trace utility SHA-1 (Secure Hash Algorithm-1) hash algorithms Shallow Packet Inspection Shamir, Adi Weakness in the Key Scheduling Algorithm of RC4 [ITAL] 2nd shared key encryption 
algorithms DES shorthand Cisco routers show conn command (Cisco PIX stateful firewalls) 2nd SID (security identifiers) Administrator accounts (Windows) signature detection (IDS) 2nd evasion techniques, detecting false positive/negative signatures 2nd 3rd unwanted alerts signatures false positives/negatives 2nd 3rd IDS evasion techniques, detecting Nimda worm 2nd updating antivirus software signatures (digital) defining 2nd SIM (security information mangement) software network log analysis, automating single address NAT [See PAT] single-session remote desktop software client integration perimeter defenses 2nd server integration 2nd uses of single-system applications component placement SirCam security policies, writing small businesses case studies companies with basic Internet presence 2nd 3rd 4th 5th 6th 7th small e-commerce site case studies 2nd 3rd 4th 5th 6th 7th 8th 9th SmartDashboard (Check Point FireWall-1 stateful firewalls) SmartDefense (Check Point Firewall-1 stateful firewalls) 2nd Smartline Active Ports 2nd SmartView Tracker (Check Point Firewall-1) Smurf attacks smurf attacks 2nd smurfing attacks network performance 2nd sneaker net unenforcable security policies sniffers wireless networks SNMP Big Brother system/network monitoring software local system attributes, monitoring 2nd router attacks 2nd versions of SNMP (Simple Network Management Protocol) community strings deactivating 2nd exploits on router hardening 2nd 3rd authentication/passwords 2nd 3rd 4th disabling servers 2nd SNMPv2p SNMPv3 remote monitoring security 2nd Snort vulnerability assessment Snort IDS software 2nd Snort-Inline SOA (Service-Oriented Architecture) SOAP firewalls, bypassing SOAP (Simple Object Access Protocol) interapplication communication 2nd SOCKS 2nd SOCKS protocol SocksChain proxy chaining SOCKSv4 protocol SOCKSv5 protocol software active scanning perimeter configuration changes 2nd AirCrack auditing wireless encryption AirSnort auditing wireless encryption 2nd anitvirus 
compatibility of 2nd DoS attacks EICAR test files gateways 2nd limitations of 2nd 3rd 4th malware mutation detection packers 2nd polymorphic malware detection signature updates spyware strengths of 2nd antivirus 2nd compromised hosts role in internal network defense Asleap auditing wireless encryption Big Brother system/network monitoring 2nd 3rd 4th architecture of defining hosts/procedures 2nd monitoring local system attributes 2nd 3rd network/remote service accessibility 2nd 3rd SNMP support BlackWidow BSD Airtools auditing wireless encryption Canvas exploitation library software Core Impact exploitation library software Crack 2nd demos evaluation checklists 2nd fping network scanner Hackers Choice THC-Scan host hardening automation HP OpenView system/network monitoring 2nd intrusion detection 2nd John the Ripper Kismet auditing wireless network signal leakage 2nd L0phtCrack 2nd malware Metasploit exploitation library software ModemScan Nessus vulnerability scanner NetScanTools Pro Netstumbler auditing wireless network signal leakage network defense design, recommendations for 2nd network security case studies customer feedback systems, architecture recommendations customer feedback systems, deployment locations 2nd Web-based online billing applications Web-based online billing applications, architecture recommendations 2nd Web-based online billing applications, software deployment locations 2nd Nmap host/port location scanner NDiff differential scanners 2nd password guessing tools password-filtering pinger network scanner remote controlware remote desktop risks of 2nd single-session single-session, client integration single-session, perimeter defenses 2nd single-session, server integration 2nd single-session, uses of terminal servers terminal servers, client integration terminal servers, perimeter defenses terminal servers, server integration terminal servers, uses of 2nd terminal servers, VPN case studies 2nd 3rd removing (host hardening) Add/Remove Programs 
applet (Windows) UNIX operating systems 2nd SandStorm Enterprises PhoneSweep 2nd SIM automating network log analysis sniffers wireless networks Snort vulnerability assessment Snort IDS 2nd Squid Web Cache Proxy SuperScan network scanner 2nd testing host security 2nd network security 2nd unsecurable, handling 2nd user information, gathering 2nd VMware 2nd VPN proprietary WEP Wedgie auditing wireless encryption WEPCrack auditing wireless encryption 2nd WPACrack auditing wireless encryption software architecture applications administrator access, external access 2nd administrator access, security defining deploying encryption evaluating security 2nd host security interapplication communications, CORBA interapplication communications, DCOM 2nd interapplication communications, HTTP interapplication communications, IIOP interapplication communications, SOA interapplication communications, SOAP 2nd interapplication communications, Web services 2nd 3rd internal use exclusivity 2nd multitier, component placement 2nd network compatibility, firewalls network compatibility, NAT 2nd operating system support performance/reliability 2nd security versus performance 2nd single-system, component placement defining 2nd 3rd firewalls IP protocols network security case studies customer feedback systems customer feedback systems, architecture recommendations customer feedback systems, software deployment locations 2nd Web-based online billing applications Web-based online billing applications, architecture recommendations 2nd Web-based online billing applications, software deployment locations 2nd packet-filtering Solaris Check Point FireWall-1 stateful firewalls 2nd 3rd 4th 5th 6th 7th pkg program software, removing source addresses (packets) source port 53 queries DNS servers source routing disabling SPAN ports spanning ports IDS sensor placement SPD (security policy databases) specificity (security policies) Split DNS configuring 2nd 3rd 4th functions of 2nd justifying Split Horizon 
DNS [See Split DNS] spoofed IP addresses blocking spoofing MAC addresses 2nd router hardening spoofing attacks DNS 2nd spyware antivirus software blocking 2nd firewall tunnels 2nd Squid Squid Web Cache Proxy software SSH crypto key generate rsa command domain command exec-timeout x command host command login local command name command pass command router hardening 2nd 3rd transport input ssh command user command SSH (Secure Shell) file transfers port forwarding standard connections client integration perimeter defenses server integration uses of tunneling client integration performance perimeter defenses server integration uses of vulnerabilities of 2nd SSH protocol public key authentication router attacks SSH tunnels client integration performance perimeter defenses server integration uses of SSID (Service Set Identifiers) broadcasts, disabling 2nd 3rd 4th BSSID ESSID SSL (Secure Socket Layer) deep packet inspection SSL (Secure Sockets Layer) 2nd [See also protocols; TLS] OWA 2nd perimeter defenses proxy servers perimeter defenses uses of standard connections client integration 2nd perimeter defenses 2nd server integration 2nd uses of 2nd tunneling 2nd 3rd uses of 2nd VPN case studies 2nd SSL proxy servers perimeter defenses uses of SSL tunneling 2nd 3rd SSL Web server case study standard ACL (access control lists) blacklisting 2nd 3rd egress filtering 2nd ingress filtering 2nd 3rd 4th interfaces, applying to IP addresses friendly net access 2nd sytnax of standard SSH connections client integration perimeter defenses server integration uses of standard SSL connections client integration 2nd perimeter defenses 2nd server integration 2nd uses of 2nd state CLOSE-WAIT TCP connections CLOSED TCP connections CLOSING TCP connections defining 2nd ESTABLISHED TCP connections FIN-WAIT-1 TCP connections FIN-WAIT-2 TCP connections LAST-ACK TCP connections LISTEN TCP connections SYN-RCVD TCP connections SYN-SENT TCP connections TIME-WAIT TCP connections 2nd tracking clustering 
firewalls 2nd FTP 2nd HTTP 2nd ICMP 2nd multimedia protocols TCP 2nd 3rd 4th 5th UDP 2nd state tables Check Point FireWall-1 stateful firewalls 2nd 3rd defining IPTable examples 2nd state, tracking clustering firewalls 2nd TCP communication sessions stateful filtering defining 2nd IPTables stateful firewalls application layer commands application protocol inspection troubleshooting 2nd 3rd Check Point FireWall-1 2nd 3rd 4th 5th configuring for stateful inspection 2nd implied rules protocol support 2nd SmartDashboard SmartDefense 2nd state tables state tables, example of 2nd timeouts 2nd Cisco PIX fixup command 2nd 3rd 4th FWSM 2nd inbound/outbound traffic connections 2nd PDM 2nd PDM, Configuration screen 2nd PDM, Hosts/Networks screen PDM, System Properties screen PDM, Translation Rules screen show conn command 2nd FTP control sessions functions of 2nd Juniper Networks NetScreen 2nd multimedia protocols Netfilter/IPTables 2nd 3rd 4th 5th 6th input rules 2nd IPv6 output rules 2nd 3rd state tables, example of 2nd network performance 2nd perimeter defense, role in 2nd port command (FTP) versus proxy firewalls stateful inspection CBAC Check Point FireWall-1 stateful firewalls, configuring for 2nd defining static packet filters perimeter defense, role in 2nd 3rd static routes storage routers strace system call trace utility 2nd strings utility application layer, troubleshooting subnet networks access lists examples of 2nd 3rd 4th 5th 6th 7th subnets multiple creating security zones 2nd 3rd 4th creating security zones, broadcast domains 2nd 3rd 4th 5th screened bastion hosts defining 2nd DNS servers 2nd single creating security zones creating security zones, dedicated servers 2nd 3rd creating security zones, within servers 2nd 3rd SubSeven Trojan horse exploits SuperScan network scanner 2nd switch trunking switch-type NIPS (network intrusion prevention systems) deployment recommendations auto-update mechanisms 2nd budgeting for change-mangement mechanisms documenting 
use/functionality 2nd identifying false positive/false negative test procedures NIPS/NIDS combinations report-only mode product reviews detection capabilities environmental anomaly analysis evasion resistance latency requirements organizational policy enforcement passive analysis 2nd product development protocol scrubbing rate limiting security 2nd stability demands throughput demands TippingPoint UnityOne IPS 2nd TopLayer Attack Mitigator switched networks traces, troubleshooting 2nd versus nonswitched networks 2nd switches IDS sensor placement 2nd intelligent (NIPS) 2nd Layer 3 switching network card teaming NSS redundancy 2nd secure perimeter design 2nd 3rd security zones switches (network) rate limiting Symmantec firewalls adversarial reviews determining attacker access 2nd 3rd 4th 5th 6th 7th symmetric key cryptography algorithm key sizes network performance 2nd symmetric key encryption [See shared key encryption] symptoms, collecting (troubleshooting process) 2nd SYN (synchronization) flags SYN flooding network performance 2nd 3rd SYN scans Nmap SYN-RCVD state (TCP connections) SYN-SENT state (TCP connections) SYN/FIN attacks 2nd Syslog facility (UNIX) security logs, auditing system call interception (HIPS) system call trace utilities 2nd ktrace SGI IRIX strace 2nd system enumeration (network service discovery) ICMP scans 2nd packet traces 2nd TCP/UDP packet scans 2nd system matrixes network security assessments 2nd system monitoring (perimeter security maintenance) alerts Big Brother software 2nd 3rd 4th defining hosts/procedures 2nd monitoring local system attributes 2nd 3rd network/remote service accessibility 2nd 3rd HP OpenView software 2nd procedures, establishing 2nd defining hosts/procedures 2nd 3rd monitoring local system attributes 2nd 3rd 4th 5th 6th network/remote service accessibility 2nd 3rd 4th remote monitoring security 2nd 3rd 4th 5th System Properties screen (PDM) |