Penetration Testing and Network Defense

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

access auditing, enabling

access points account lockouts

     detecting password-cracking attacks

account logins, logging

ACK scan, discovering firewall configuration

ACK scans ACK storms acting classes, developing social engineering skills

active host reconnaissance     NSLookup/Whois lookups     SamSpade     Visual Route

active session hijacking AD (active directory) model admin account (Novell) AiroPeek NX AirSnort Allaire, J.J. ALOHANET

anomaly detection systems

anomaly-based IDSs, evading antennas antivirus scanners

Apache HTTP Servers

     securing

     vulnerabilities

appendixes appliance firewalls, detecting DoS attacks

application hardening     DoS attacks, preventing

APs (access points), detecting rogue APsARP attacks     hardening switches against     testing switches for vulnerabilities ASA (Adaptive Security Algorithm)

ASP

assets

     cost of protecting, identifying

     threats to, identifying

assigning permissions to root user

Atkins, Steve

attacks

     D.A.D. attacks

     DoS

     hacktivist attacks

     mutating

     on databases, protecting against

    stages of

         erasing evidence         maintaining access

         obtaining access

         reconnaissance stage

         scanning stage

     zero-day auditing passwordsauditing tools

     AiroPeek NX     AirSnort     DStumbler     GPSMAP

     Kismet     NetStumbler     StumbVerter     WEPCrack authentication     on Microsoft SQL Server, sysxlogins authority-based persuasion

authorship of security policies

availability of hacking tools availability threats