Electronic Books

see also
Vulnerability scanning
Angry IP, 147??“150
Fscan, 153
FTPScanner, 169??“170
Hydra, 178??“186
LANguard, 151??“152
LanSpy, 158??“160
netcat, 161??“162
Passifist, 154??“157
Strobe, 166??“168
SuperScan, 163??“165
TCS CGI (Common Gateway Interface)
Scanner, 171??“177
WGateScan/ADM Gates, 187??“191
Secure FTP Client,
see
SFTP
Secure Socket Layer,
see
SSL
Security Accounts Manager,
see
SAM, FGDump
and
Security Administrator??™s Integrated Network
Tool,
see
SAINT
Security Auditor??™s Research Assistant,
see
SARA
Security Identifiers,
see
SIDs
enumerating from given username, 91??“92
enumerating User ID from, 93??“95
Security policies, as countermeasure
Dsniff, 573
Ettercap, 556
PsExec, 633
Serial Line Interface Protocol,
see
SLIP, and ngrep
Serial numbers
bypassing Microsoft, 499??“506
installing Windows 2000 virtual Workstation, 23
RockXP bypassing, 499??“506
Services, disabling unnecessary
LanSpy countermeasure, 158??“160
netcat countermeasure, 161??“162, 588
Strobe countermeasure, 166??“168
SFIND tool, 553
SFTP (Secure FTP Client), 346
Shadow Scanner, 455??“467
executing against target, 460??“461
installing, 455
quality and cost of, 467
reviewing results, 462??“467
setting parameters, 458??“459
starting application, 456??“457
syntax, 719
target assessment, 455??“467
SID2USER, 93??“95, 679
SIDs (Security Identifiers)
enumerating from given username, 91??“92
enumerating User ID from, 93??“95
Index


733
Simple Network Management Protocol,
see
SNMP
SLIP (Serial Line Interface Protocol), and ngrep,
213
SMAC (Spoofed Media Access Control), 268??“276
how it works, 268
install, 268??“270
reboot, 275??“276
set parameters, 270??“275
syntax, 706
SMB Scanner, 696
Smurf attack, DoS (Denial-of-Service), 650??“654
Sneaky-Sneaky
advantage of, 552
on attacker??™s computer, 548??“552
how it works, 545
syntax, 719??“720
on target (server), 545??“547
Sniffing traffic, 193??“260
detecting Ettercap, 556
Ethereal, 195??“212
how it works, 195
installing on Red Hat Linux computer,
196??“205
installing on Windows, 195, 206??“212
syntax for, 697
understanding, 212
IPDump2, 234??“239
ngrep, 213??“222
how it works, 213
for Linux, 213??“218
syntax for, 697??“698
for Windows, 219??“222
Sniffit, 249??“259
configuring/creating application, 249??“252
executing, 253??“259
how it works, 249
Tcpdump, 223??“229
Windump, 230??“233
ZxSniffer, 240??“248
executing, 246??“248
how it works, 240
installing, 240??“245
Sniffit, 249??“259
configuring/creating application, 249??“252
executing, 253??“259
how it works, 249
syntax, 705
SNMP (Simple Network Management Protocol)
assessing with X-Scan, 399
Solar Winds brute force attack on, 386??“391
walks, 379??“385
Social engineering techniques, 86
Software, Trojan-detection, 519
Solar Winds, 386??“391
installing, 386
options, 387??“388
SNMP (Simple Management Network Protocol)
brute force attack with, 389??“391
syntax, 717
Spoofed Media Access Control,
see
SMAC
Spoofing, 261??“298
Linux, 277??“283
how it works, 268
install, 268??“270
reboot, 275??“276
set parameters, 270??“275
syntax, 706
Packit, 284??“294
compile, 284??“285
create, 286
execute, 290??“294
how it works, 284
install, 287
set parameters, 288??“289
syntax, 707??“712
RafaleX, 263??“267
SMAC (Spoofed Media Access Control),
268??“276
how it works, 268
installing, 268??“270
rebooting, 275??“276
setting parameters, 270??“275
syntax, 706
VMware Workstation, 295??“297
Sprint, 133??“134, 694
SSL (Secure Socket Layer)
BruteFTP countermeasure, 346
FTPScanner countermeasure, 169??“170
MTM (man-in-the-middle) attacks and, 587
NETWOX/NETWAG countermeasure, 301
Startx, 58??“59
Streaming files, 553??“555, 720
Strobe, 166??“168, 696
SuperScan, 163??“165, 695
SYN (Synchronize)
DoS (Denial-of-Service) attack, 655??“659
Ethernet three-way handshakes, 265
SYN-ACK (Acknowledge), 265
Synchronize,
see
SYN
Syntax, for tools,
see
Tool syntax
T
Tab key, 42, 44
Target enumeration
DUMPSEC, 98??“101
GETMAC, 90
net commands, 102??“104
Netcraft, 131??“132
Nmap/nmapFE, 109??“116
NmapNT, 117??“122
Nmblookup, 124
734


Practical Hacking Techniques and Countermeasures
Nslookup, 123
NULL session, 89
Pathping, 107??“108
PingG, 105??“106
Rpcinfo, 125
Sam Spade, 128??“130
SID2USER, 93??“95
Sprint, 133??“134
USER2SID, 91??“92
USERDUMP, 96
USERINFO, 97
Visual Route, 126??“127
Windows OS (Operating System), 135??“138
WinFingerprint, 139??“143
TCP (Transfer Control Protocol)
ngrep recognizing, 213
TCP (Transfer Control Protocol) Relay, 723
Tcpdump, 223??“229, 698??“700
TCP/IP auditing, 284
TCS CGI (Common Gateway Interface) Scanner,
171??“177
Telnet
banner identification, 65??“66
reference for, 671
setting covert reverse session of, 588??“595
syntax, 675
Terminal Server, brute force passwords,
354??“356
Token Ring, ngrep recognizing, 213
Tool syntax
Achilles, 721
ADM Gates, 697
amap, 678
Angry IP, 694
AutoScan, 719
Back Orifice, 719
banner.


Pages:
274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289