Penetration Testing and Network Defense

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

L0phtcrack 2nd 3rd

LAND attack LANMAN hashing

LCN (Little Company Network), example penetration test

     covering tracks

     follow-up

     gaining access     information gathering 2nd     maintaining access

     planning the attack     sample report     scanning and enumerationlegislation

     CFAA     Code of Fair Information Practices     Computer Misuse Act (U.K.)     FISMA     Graham-Leach-Bliley act of 1999     non-U.S.     Sarbanes-Oxley Act

     USA PATRIOT Act

length of passwords, modifying Lerdorf, Rasmus library tools, preventing buffer overflows

Linux

    DoS attacks, executing

         Spendor Datapool

    elevation techniques         irix-login.c exploit

         rpc.statd exploit         stack smashing exploit

     MACOF     privilege escalation, example of     rootkits Litchfield, David LiveScript

Local System account (SQL Server)

locking out user accounts

logging

     account logins

     actions during penetration testing

logic attacks

logic persuasion

Loki ICMP tunneling

Long, Johnny