Penetration Testing and Network Defense

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

hacking

    laws. [See legislation]     non-U.S. laws pertaining to

     Novell NetWare

     script-kiddies

     tools, availability of

hacktivismhardening switches     against ARP attacks

     against MAC table flooding attacks     against STP attacks     against VLAN hopping     against VTP attacks

hashing algorithms Hassell, Riley heap buffers Hedley, David Herzog, Peter Hgod hidden field exploit

Hide Server

high-gain omni-directional antennas highly directional antennas HIPAA (Health Insurance Portability and Accountability Act)

history of passwords, modifying

history of wireless networking

HK exploit

hoaxes, BugBear virus hoax honeypots

host reconnaissance, tools 2nd host-based IDSs

     detecting DoS attacks HTMLHTTP     basic authentication     form-based authentication

     tunneling

    web server vulnerabilities

         Apache

         IIS

HTTP Brute Forcer

HTTP service

     disabling on routers

     testing for vulnerabilities

human psychology, behavioral profiling

human-based social engineering

     customers, impersonating

     defending against

     e-mail impersonation

     employees, impersonating         tech support

     end-users, impersonating

    persuasion, types of

         authority-based

         conformity-based         information-based         logic-based

         need-based         reciprocation-based         similarity-based     RSE

     third parties, impersonating    traits of social engineers         confidence         patience         possessing inside knowledge         trust     wetware

Hunt

     hijacking Telnet sessions HyperText PreProcessor Hypnopædia