The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities

Index


N-tier architectures 2nd

     business tier

     client tier

     data tier

     MVC (Model-View-Controller)

     Web tier

name servers, DNS (Domain Name System)

name squatting

Name Validation Denial of Service listing (16-1)

named pipes

     UNIX

     Windows NT

names, DNS (Domain Name System)

namespaces (Windows NT)

     global namespaces

     local namespaces

     objects

         collisions

         Vista object namespaces

narrowing integer types

NAT (Network Address Translation)

National Institute for Standards and Technology (NIST)

navigating code

     external flow sensitivity

     tracing

NCACN (network computing architecture connection-oriented protocol), RPCs (Remote Procedure Calls)

NCALRPC (network computing architecture local remote procedure call protocol), RPCs (Remote Procedure Calls)

NCDAG (network computing architecture datagram protocol), RPCs (Remote Procedure Calls)

.NET Common Language Runtime (CLR)

.NET Developer's Guide to Windows Security, The

NetBSD

netmasks

Netscape NSS Library UCS2 Length Miscalculation listing (7-36)

Netscape Server Application Programming Interface (NSAPI)

Network Address Translation (NAT) [See NAT (Network Address Translation).]

network application protocols

     ASN.1 (Abstract Syntax Notation)

         BER (Basic Encoding Rules)

         CER (Canonical Encoding Rules)

         DER (Distinguished Encoding Rules)

         PER (Packed Encoding Rules)

         XER (XML Encoding Rules)

     auditing

         data type matching

         data verification

         documentation collection

         identifying elements

         system resource access

     DNS (Domain Name System) 2nd

         headers

         length variables

         name servers

         names

         packets

         question structure

         request traffic

         resolvers

         resource records 2nd 3rd

         spoofing

         zones

     HTTP (Hypertext Transfer Protocol)

         header parsing

         posting data

         resource access

         utility functions

     ISAKMP (Internet Security Association and Key Management Protocol)

         encryption vulnerabilities

         headers

         payloads

network computing architecture connection-oriented protocol (NCACN), RPCs (Remote Procedure Calls)

network computing architecture datagram protocol (NCDAG), RPCs (Remote Procedure Calls)

network computing architecture local remote procedure call protocol (NCALRPC), RPCs (Remote Procedure Calls)

Network File System (NFS)

network interfaces

network layer, network segmentation

network profiles, vulnerabilities

network protocols

     IP (Internet Protocol)

         addressing

         checksum

         fragmentation

         header validation

         IP packets

         options

         source routing

     network application protocols

         ASN.1 (Abstract Syntax Notation)

         auditing

         DNS (Domain Name System)

         HTTP (Hypertext Transfer Protocol)

         ISAKMP (Internet Security Association and Key Management Protocol)

     TCP (Transmission Control Protocol)

         connections 2nd

         header validation

         headers

         options

         processing

         segments

         streams 2nd

     TCP/IP

     UDP (User Datagram Protocol)

network segmentation

     layer 1 (physical)

     layer 2 (data link)

     layer 3 (network)

     layer 4 (transport)

     layer 5 (session)

     layer 6 (presentation)

     layer 7 (application)

network time protocol (NTP) daemon

network-based measures, operational vulnerabilities

     NAT (Network Address Translation)

     network IDSs

     network IPSs

     segmentation

     VPNs (virtual private networks)

NFS (Network File System) 2nd

Nietzsche, Friedrich

NIST (National Institute for Standards and Technology)

node types

non-returning signal handlers, signals 2nd

nonce payloads, ISAKMP (Internet Security Association and Key Management Protocol)

nonexecutable memory pages

nonexecutable stacks

     heap protection

     operational vulnerabilities, preventing

nonrecursive name servers (DNS)

nonroot setgid programs (UNIX)

nonroot setuid programs (UNIX)

nonsecurable objects, Windows NT

nonsuperuser elevated privileges, UNIX, dropping permanently 2nd

Nordell, Mike

notification payloads, ISAKMP (Internet Security Association and Key Management Protocol)

NSAPI (Netscape Server Application Programming Interface)

NTP (network time protocol) daemon

NTPD Buffer Overflow Example listing (7-17)

NtQuerySystemInformation() function

NUL byte injection queries, Perl

NUL Bytes in Multibyte Code Pages listing (8-32)

NUL-byte injection

NUL-Byte Injection with Memory Corruption listing (8-10)

NUL-termination, Unicode

null bytes

NULL, INVALID_HANDLE_VALUE, compared

numeric overflow conditions, C programming language

numeric overflow, unsigned integers

numeric underflow conditions, C programming language

numeric underflow, unsigned integers

numeric wrapping, C programming language
