| ||||||||||||
| ||||||||||||
Attack through the InternetTable of contentsChapter 1. Introduction1.1 Main concepts of computer security1.2 Network security characteristics 1.3 Hackers vs. crackers 1.4 Main hackers' targets 1.5 Network security: myths and reality 1.5.1 Hackers' power 1.5.2 Is your money secure? 1.5.3 Firewall as "absolute" network protection 1.6 Y2K and security issues Chapter 2. Social engineering attacks2.1 Social engineering: introduction2.2 Social engineering attacks classification 2.3 Social engineering and human psychology 2.4 Computer systems intrusion examples 2.5 Social engineering over the Internet 2.5.1. IRC 2.5.2. E-MAIL 2.5.3. ICQ 2.6 How to protect yourself from social engineering attacks 2.6.1. Intrusion tests 2.6.2. User awareness Chapter 3. Remote attacks in distributed computer systems3.1 Remote attacks classification3.2 Standard remote attack concept and mathematical model 3.2 Characteristics and realization mechanisms of standard remote attacks 3.2.1 Network traffic analysis 3.2.2 Trusted distributed object or subject substitution 3.2.3 Fake object of distributed computer system 3.2.4 Denial of service Chapter 4. Remote attacks on Internet hosts4.1 Internet traffic analysis4.2 Fake ARP-server (ARP spoofing) 4.3 Fake DNS-server (DNS spoofing) 4.4 Forcing fake route to host using ICMP protocol (ICMP spoofing) 4.5 IP spoofing and TCP hijacking 4.5.1 TCP sequence number prediction by extrapolation of previous values 4.5.2 Using the lack of TCP-connection identification to attack rsh-server 4.6 TCP SYN flood or request buffer overflow 4.6.1 Windows NT under TCP SYN flood 4.7 Mythical Internet remote attacks 4.7.1 IP-fragmentation as firewall penetration 4.7.2 "Ping of Death" 4.8 Known operation systems bugs 4.8.1 Land 4.8.2 Teardrop 4.8.3 Smurf 4.8.4 Out of band (OOB) Chapter 5. Methods of port scanning5.1 "Known source" methods of port scanning5.1.1 TCP SYN scanning 5.1.2 TCP FIN scanning 5.1.3 IP fragmentation scanning 5.1.4 TAP IDENT scanning 5.2. Anonymous methods of port scanning 5.2.1. FTP bounce attack 5.2.2 "Dumb" host scanning 5.2.3. "Proxy" scanning Chapter 6. Remote attacks success causes 6.1 Remote attacks success causes in the distributed computer systems 6.2 Remote attacks success causes in the Internet Chapter 7. Secure distributed computer systems7.1 Leased line between distributed objects7.2 Virtual channel as additional identification and authentication tool for distributed objects 7.3 Message route checking and control 7.4 Virtual connection checking and control 7.5 Design of distributed computer system with fully pre-determined object information to eliminate remote search Chapter 8. How to protect yourself from remote Internet attacks8.1 Administrative protection8.2 Software and hardware protection tools and methods Chapter 9. Remote attacks on operating systems9.1 Introduction9.2 Standard attacks scenarios classification in UNIX 9.3 The beginning (before the Worm) 9.4 Buffer overflow technology 9.5 The Worm 9.5.1. Strategies the Worm uses 9.6 After the Worm 9.6.1. Trying a password 9.6.2. Typical attacks 9.6.3. Trusted attacks 9.7 Present-day situation 9.7.1. telnetd daemon error 9.7.2. sendmail error 9.7.3. wu-ftpd vulnerabilities 9.7.4 innd vulnerabilities 9.8 UNIX vulnerabilities existence causes 9.9 Windows NT 9.9.1. Windows NT: classification of vulnerabilities causes 9.9.2 System services buffer overflow 9.9.3 Getting administration rights 9.9.4. Resource sharing and anonymous user 9.9.5. SMB in the Internet 9.9.6. Identification and authentication procedures 9.10 How to protect your host? 9.11 Software tools of security checking 9.11.1 SATAN 9.11.2 SAFESuite family Chapter 10. Attacks through WWW10.1 Attack on WWW-clients10.1.1 Browser security 10.1.2 Java applets security 10.1.3. Other client applications security 10.1.4. Viruses and Trojans 10.2 Attack on Web-server 10.3 CGI scripts security 10.3.1 CGI Introduction 10.3.2 Known CGI-errors 10.3.3. Known CGI-scripts errors 10.3.4. Creating secure CGI-scripts 10.4 Using server-based applications to attack the WWW-clients 10.4.1 Сookies security 10.4.2. Identification problems
|
 | |||||||||
| |||||||||
|
CITForum © 1997–2025