Hacking Exposed 5th Edition

2017-07-07 02:10:07

UCE ( unsolicited commercial e-mail), 628. See also spam

UDP ( User Datagram Protocol), 53

UDP floods, 492-493

UDP packets, 38-39, 492-493, 500

UDP port number, 38-39

UDP ports

enumeration and, 87-88

listed, 651-656

network devices, 360-361

port 69, 86, 392-393

port 79, 87-88

port 111, 128-129

port 137, 92-96

port 161, 111-115

port 513, 130

port 520, 394

port 1434, 131-133

port 2049, 133

port 27444, 496

port 32771, 128-129

port 34555, 496

UDP scans , 51-68

UDP services, 53-59

UDP traceroute packets, 355

UDP traffic, 40

UDP tunneling, 479-480

udpflood tool, 492-493

Udp_scan tool, 66

udp_scan utility, 55

ulimit command, 270

UltraEdit, 154

Unicast Reverse Path Forwarding (RPF), 500

Unicode exploit, 171, 519

UNIX platform

back doors, 277, 290

brute force attacks, 216-218, 261-262

buffer overflow attacks, 218-230, 241-242, 265-266

core -file manipulation, 270

covering tracks, 282-285

dangerous services, 221

data-driven attacks, 218-230

disabling unnecessary services on, 221

DNS and, 250-252

DoS attacks, 490, 493, 495, 503-504

DOSEMU for Unix, 274, 305

enumeration, 87, 128-129

firewalls, 215, 231, 234-235, 466-467, 480

footprinting functions, 35

format string attacks, 222-224

FTP and, 235-237

hacking, 211-292

history, 212

kernel flaws, 271-272

listening service, 215

local access, 213-214, 261-276

Mac OS X and, 136-138

metacharacters, 226

Network File System (NFS), 242-247

passwords, 216-218, 261-265

permissions and, 273-276

port scanning, 52-59, 66

race conditions, 268-269

remote access, 213-261

root access, 212-213

rootkits, 277

routing and, 215

RPC services, 128-129, 238-241

security and, 212-213, 290-292

sendmail, 83-84, 237-238

shared libraries, 270-271

shell access, 230-235

signals, 269

sniffers, 279-282

system misconfiguration, 272-276

traceroute program, 37-40, 354-356

Trojans, 277-279

user execute commands and, 215

vulnerability mapping, 212-213

X Window System, 232, 248-250

UNIX shell. See shell

UPC ports, 161

UrlActions, 608-609

URLs

improper URL canonicalization, 597-598

malicious links to, 597-598

remote access to companies via, 9

URLScan tool, 90-91, 172, 522, 533

US-CERT, 613

Usenet forums, 15-16

user accounts. See also users

company, 11

global, 144

guest, 144-145

local, 144-145

low hanging fruit, 314-315

obtaining, 11

passwords, 143-157

User Datagram Protocol. See UDP

user2sid tool, 102-103, 143

UserDump tool, 103, 109

UserInfo tool, 108

users. See also employees ; user accounts

credit histories, 11

criminal records, 11

disgruntled employees, 14

e-mail addresses, 11, 15, 30

enumerating, 101-105

groups, 175

hiding, 638

home addresses, 11

identity theft, 340, 597-598, 623-628

location details, 10-11

morale , 11-12

names , 143

online resume, 15-18

password guessing, 143-157

phone numbers , 11

physical security, 10, 646-647

privacy of. See privacy issues

publicly available information, 8-18

social engineering. See social engineering

social security numbers, 11

source code hacking and, 523-524

Usenet forums, 15-16

usrstat tool, 106

UTF-8 escapes , 519-521

Категории

Search