Passive attacks, 199
defined, 51, 199
performing, 200
See also Active attacks; Attacks
Password cracking, 40–44
defined, 41
John the Ripper, 43–44
for self-defense, 42
Unix Crack, 42–43
Windows NT L0phtCrack, 41
Password gathering/cracking software, 205–9
Ettercap, 206
L0phtCrack, 206–8
Lucent Registry Crack, 208
WinSniffer, 205–6
wireless protocol analyzers, 208–9
Passwords
attack countermeasures, 44
attacks, 334, 354
biometric systems, 39
default, updating, 178
good, characteristics of, 39–40
management, 38–44
methodology, 39
OTP, 346
SmartCards, 39
PEAP, 238–40
configuration, 239
defined, 238
Microsoft support, 239
Peer-to-peer attacks, 217
Pen register and trap and trace statute, 106
Phaos Technology Micro Foundation toolkit, 143–44
algorithms, 144
defined, 143
footprint, 144
See also Cryptography toolkits
Physical security, 175–77
defined, 175
template, 176–77
See also Security policies
Point-to-Point Protocol (PPP), 231
Point-to-Point Tunneling Protocol (PPTP), 246–47
connections, 248
per-packet data confidentiality, 248
Port Address Translation (PAT), 268
Port Protection Devices (PPDs), 36
President's Executive Order on critical infrastructure protection, 96–97
Pretty Good Privacy (PGP), 153
Privacy standards/regulations, 16–21
Gramm-Leach-Bliley Act (GLBA), 17, 18–19
Health Insurance Portability and Accountability Act (HIPAA), 19–21
NAIC Model Act, 16–18
Protective measures, 161–65
Public key authentication, 256–58
Public Key Code Signing #7 (PKCS#7), 149
Public key infrastructure (PKI), 50, 132–37
defined, 132, 133
encryption/decryption process, 132
policy, 136–37
process overview, 133–34
risk analysis, 137
Public Switched Telephone Network (PSTN), 50