Penetration Testing and Network Defense

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Z]

T-Sight

T-SQL (Transact-SQL) tablespaces

TCP

     embryonic connections

     sequence prediction

     session hijacking TCP Connect() scans TCPView

tech support personnel, impersonating technology-based social engineering telecommuters, remote access policy Teleport Pro

Telnet sessions, hijacking example temporal response analysis Ten Commandments of Computer Ethicstesting     RDBMS for vulnerabilities         brute force attacks         connection strings

         SQL injection

         system stored procedures     routers for vulnerabilities         CDP

         HTTP service

         passwords

         routing protocols

     switches for vulnerabilities         via ARP attacks

         via MAC table flooding         via STP

         via VLAN hopping         via VTP attackstesting reports     Appendixes     Executive Summary section 2nd

     Project Scope section

     Results Analysis section

tests

     black-box tests

     crystal-box

     gray-box

     white-box tests

third-party impersonation

threats

     availability threats

     confidentiality threats

     integrity threats

tiered e-commerce architecture

tiger teams time bomb viruses

Tini

Titanic syndrome

TMRC (Tech Model Railroad Club)

TOE (target-of-evaluation)tools     backdoor applications

     for attempting buffer overflows     for attempting DoS attacks         Datapool         Hgod

         Jolt2     for performing database attacks     for performing network attacks     for performing server penetration     for performing web server attacks     for wireless network penetration     hacking tools, availability of

     host reconnaissance 2nd

     password cracking     session hijacking    vulnerability scanners

         ISS

         Nessus

         NetRecon

         SAINT         SARA

traits of social engineers     confidence

     patience     possessing inside knowledge     trust Trojan applications 2nd 3rd 4th     Beast

         client configuration 2nd

         gaining access with, case study

         server settings

     BO2K

         plug-ins

     Brown Orifice

     detecting

     Donald Dick 2nd

     scanner software

     SubSeven 2nd 3rd

trust as social engineer trait

trust model

TTY Watcher

tunneling     ICMP tunneling

     Loki ICMP tunneling

two-factor security

Type-1 wireless