Security Warrior
| < Day Day Up > |
| [SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [X] [Y] [Z]
salt Samspade.org SAN Dshield.org Sanfilippo, Salvatore SANS six-step incident response methodology "The Twenty Most Critical Internet Security Vulnerabilities" scheduler, Windows CE screensaver attacks search engines section tables sections sectors secure wiping utilities security event event correlation incident response segment regeneration SELECT command sendmail access control sequential disassemblers sequential port scans serial number cracking 2nd [See also serial.exe, reverse engineering] serial.exe, reverse engineering 2nd [See also Windows CE] debugging loading to a disassembler step-through investigation setfacl command (Solaris 8) SGI machines, security risks SGID (Set Group ID) SGID bit Shadow Password Suite Shaft shifting operations opcodes shoulder surfing shred tool shroud tool SI (source) register signal drift , reducing signature collisions signature matchers SIGSTOP SIM (Security Information Management) tools Sklyarov, Dmitry slack space smart cards hacking reverse engineering SMB (Service Message Block) attack SMB (Service Message Block) protocol SMB network services, security risks SMB_COM_TRANSACTION command smbnuke SMS (short messaging service) vulnerabilities SMTP protocol server, security risks sniffers 2nd Snort case study machine and OS requirements system setup configuration for a honeypot SOAP (Simple Object Access Protocol) web services security Xenc (XML Encryption) social engineering action plans attacks, passive and active contact chains definitions information collection template methodologies risk analysis subroutines or shortcuts targeting SOCKS proxy port, security risks SoftICE breakpoints commands advanced backtrace commands basic customization mode control special operators symbol/source commands Window commands Window control software development programmming languages, choosing Song, Dug source routing SP (stack pointer) address Spitzner, Lance spoofing SQL ANSI standards commands modifier commands SQL injection attacks attack types authentication bypass database modification unauthorized data access basic attack strings defenses coding defenses external defenses (application blocking) filters obfuscation PHP-Nuke application defense examples example attacks installing prevention SQL injection Squid web proxies, security risks SS (stack segment) sscan SSDP (Simple Service Discovery Protocol) SSH (Secure Shell) 2nd access control securing from abuse security risks ssh covert channel SSL (Secure Sockets Layer) Stacheldraht stack static linking and disassembly stealth interface sterilize tools strcmp (string comparison) instruction strict anomaly detection strlen (string length) comparison su command subroutines SucKit SUID (Set User ID) attacks using bit root vulnerability swap files swatch SWITCH statements Symantec DeepSight Analyzer SYN cookie SYN-ACK timeout and regeneration cycles, OS fingerprinting with sys_ptrace SysInternals syslog daemon output problems security risks syslog-ng syslog.conf systat service, security risks system hardening system logging 2nd [See also logfiles] system logs, attack evidence in system monitors system records, sanitizing 2nd [See also logfiles, sanitizing] System Time system call
|
| < Day Day Up > |