<DD>rlogin-froot, 176, 267
<DD>routers, 127, 148, 158–159, 264
<DD>routing interchange protocol (RIP), 141
<DD>scope of entities in network, 122
<DD>screening routers, 148, 158–159, 161
<DD>security account manager (SAM), 40
<DD>security associations, IPsec, 138
<DD>security identifiers (SIDs), 123
<DD>security kernel, 13–14, 117
<DD>security within security, 122
<DD>sendmail bugs, 267
<DD>SeOS (Memco) to improve access control, 104–110
<DD>sequence number guessing, 143–144, 267
<DD>server security, 165–166
<DD>simple mail transfer protocol (SMTP), 123
<DD>single message attacks, 133
<DD>SMB, 114
<DD>sniffers, 49–50, 263–281, 319–320
<DD>sockets, socket addresses, 141–142
<DD>SOCKS proxies, 168
<DD>software applications, 122, 125–126
<DD>source addresses, 124
<DD>source routing, 148
<DD>spoofing, 132, 133–137, 158–159
<DD>subnets, 263–264
<DD>SYN Flood attack, 144, 159, 176, 267
<DD>synchronization, 116
<DD>system level attacks, 272–273
<DD>System Network Architecture (SNA), 114
<DD>Telnet, 121, 151–152
<DD>test.cgi attack, 160, 164, <B>165,</B> 267
<DD>traceroute applications, 131
<DD>tracing path of access, 200–206
<DD>tracking attacks, 137–138
<DD>transmission control protocol (TCP/IP), 142–146
<DD>Trojan Horse, 175
<DD>trust, 128
<DD>trusted hosts, 145–146
<DD>tunnel vs. transport mode transmission, 139, 167–168, <B>168</B>
<DD>unique identifiers, 127
<DD>UNIX systems, 121, 160
<DD>user datagram protocol (UDP), 141–142
<DD>username IDs (UIDs), 123
<DD>users, 122–124
<DD>virtual private networks (VPN), 146
<DD>vulnerability scanners, 268
<DD>weak CGI attacks, 161, 167
<DD>wrappers, 116
<DD>X.509 digital certificates, 152, 164–165
</DL>
<DD>network services auditor (NS Auditor), network security, 169
<DD>network sniffer (see sniffer)
<DD>new attack detection, 243
<DD>NFS, network security, 267
<DD>NIDES project, 191
<DD>nodes, network security, 120–122, 124–125
<DD>nonce, 42
<DD>nonrepudiation, 6
<DD>nonvolatile RAM (NVRAM), 96
<DD>Notes client/servers, network security, 122
<DD>NT (see Windows NT security)
<DD>NTbugtraq, 288
<DD>ntfsdos.exe attack, Windows NT security, 292
</DL>
<P><FONT SIZE="+1"><B>O</B></FONT></P>
<DL>
<DD>objects, 3–4, 9–14, 84, 314
<DD>octets in addresses, Internet Protocol (IP), 130
<DD>offline attacks, passwords, 46–47
<DD>one-time pads, 73
<DD>one-time passwords, 72
<DD>online attacks, passwords, 44–47
<DD>operating system security, 7–9
<DL>
<DD>access control, 7
<DD>bugs, 161–162
<DD>configuration files, tampering, 8
<DD>dependencies of security products, 7
<DD>entities, 7, 8
<DD>identification & authentication (I&A), 29–79
<DD>implementation of OS, 8
<DD>Kerberos, 62
<DD>layers of information, 188, <B>189,</B> 190–193
<DD>login security, 9
<DD>network security, 117, 121
<DD>privileged programs, 107
<DD>scope of OS, 8
<DD>secure attention key (SAK), 49
<DD>security kernel, 13–14, 117
<DD>SeOS (Memco) to improve access control, 104–110
<DD>Trojan Horses, 49
<DD>trust boundaries, 7, 8
<DD>trust relationships, 7, 8–9
<DD>trusted path, 49
<DD>X.509 digital certificates, 70
</DL>
<DD>out of band values, passwords, 35
</DL>
<P><FONT SIZE="+1"><B>P</B></FONT></P>
<DL>
<DD>packet filtering, 128, 147–149, 169, 175, 189, 194, 193, 264
<DD>packet headers, network security, 116
<DD>pads, one-time pads, 73
<DD>password grabbers, 14
<DD>passwords, 15–16, 42–52
<DL>
<DD>brute force attacks, 44–47
<DD>bugs, 51
<DD>challenge–response authentication, 77–78
<DD>choosing a password, 44, 51–52
<DD>Crack penetration program, 46
<DD>cryptography/encryption, 35–37
<DD>data encryption standard (DES), 36
<DD>denial of service attacks, 44–47
<DD>dictionary of passwords, 45
<DD>easily guessed passwords, 44, 51–52
<DD>electromagnetic emissions monitoring, 50
<DD>grabber programs, 14
<DD>guessing attacks, 44–47
<DD>hash, cryptographic, 36
<DD>heuristics to guess passwords, 45–46
<DD>impersonation to gain passwords, 47–48
<DD>Internet Worm attack, 45
<DD>Kerberos, 62, 64–65
<DD>locking terminal, 45
<DD>network information system (NIS/NIS+), 37–39
<DD>network security, 125–126
<DD>nonce, 42
<DD>offline attacks, 46–47
<DD>one-time pads, 73
<DD>one-time passwords, 72
<DD>online attacks, 44–47
<DD>out of band values, 35
<DD>plaintext to ciphertext passwords, 36
<DD>reusable passwords, 42–43, 51–52
<DD>salt for password enhancement, 36–37
<DD>shoulder surfing, 48
<DD>sniffing, network sniffers, 49–50
<DD>social engineering, 47–49
<DD>storing passwords in central server, 37–39
<DD>strong authentication, 72–74
<DD>TEMPEST security project, 50
<DD>Trojan Horses, 49
<DD>UNIX security, 31–32, 35–39, 91–93
<DD>Windows NT security, 292–293
<DD>X.509 digital certificates, 70
</DL>
<DD>PATH hacking, UNIX security, 251–256
<DD>pattern matching, 170–173, 239–240, 247–248, 260, 318
<DD>peer security, network security, 117–119, <B>118, </B>165–166
<DD>permissions (<I>See</I> <I>also</I> privilege escalation)
<DL>
<DD>registry permissions, Windows NT security, 102
<DD>special permissions, 98–102
<DD>standard permissions, 98–102
<DD>UNIX security, 89–94, 94–96
<DD>Windows NT security, 98–102, 292–293
</DL>
<DD>personal identification numbers (PINs), 75–76
<DD>phf hack, 160, 164, 267
<DD>Ping of Death, 133, 134–135, 159, 176, 267, 290
<DD>plaintext passwords, 36
<DD>policy, security policy, 4, 305–308
<DD>ports, user datagram protocol (UDP), 141–142
<DD>power on self tests (POST), 96
<DD>precedence of users, network security, 123
<DD>preventing security breaches, 25–26
<DD>principals, Kerberos, 55
<DD>privacy issues, 242–243
<DD>private keys, 53–54
<DD>privilege escalation attack, 184–185, 187–188, 256–258, 288–289
<DD>privileges
<DL>
<DD>UNIX security, 33, 94–96
<DD>Windows NT security, 97–98, 283
</DL>
<DD>privileged programs, 107
<DD>process IDs (PIDs), UNIX security, 33
<DD>process inheritance, UNIX security, 34
<DD>processes, Windows NT security, 283
<DD>promiscuous mode adapters, network security, 264
<DD>protocols, network security, hacker exploitation, 119–120
<DD>proxies, network security, 149–150, 168, 169, 175
<DD>public keys, 53–54
<DL>
<DD>X.509 digital certificates, 67–68
</DL>
</DL>
<P><FONT SIZE="+1"><B>R</B></FONT></P>
<DL>
<DD>race condition
<DL>
<DD>Kerberos, 65
<DD>UNIX security, 92–93
</DL>
<DD>read access, 10
<DD>real group IDs (RGIDs), 87–97, 247–259
<DD>real user IDs (RUID), 87–97, 247–259
<DD>realm, Kerberos, 55
<DD>RealSecure, 194, 277–279, <B>278,</B> 297–298
<DD>real-time security products, 24, 173–174
<DD>reference monitor, 10–12, <B>11</B>
<DL>
<DD>access control, 164
<DD>auditing, 20–21
<DD>bugs, 164
<DD>security kernel, 13–14
</DL>
<DD>registry information, Windows NT security, 39–40
<DD>registry permissions, Windows NT security, 102
<DD>rehearsing the response, 306–307
<DD>remote attacks, Windows NT security, 290–292
<DD>remote scanners, 212–213, 317
<DD>research in intrusion detection, 323, 327–328
<DD>responding to attacks, 25–26, 305–312
<DL>
<DD>alerting others, 310
<DD>analyzing the attack, 309–310
<DD>auditing, 307–308
<DD>backups, 305–308, 310
<DD>cryptography/encryption, 308
<DD>disconnect/shut down of resources, 309
<DD>discovery of attack, 308–309
<DD>documentation of system, 305–308
<DD>evaluation of situation, 309
<DD>evidence collection for litigation, 309
<DD>logging events, 307–308
<DD>policy, security policy, 305–308
<DD>preparing beforehand, 305–308
<DD>pursuing the attacker, 311–312
<DD>rehearsing the response, 306–307
<DD>restoring system, 310
<DD>site security, 306
<DD>Tivoli Management Environment (TME), 308
<DD>training personnel in security, 306–307
<DD>warning users of potential threats, 307
</DL>
<DD>restoring the attacked system, 310–311
<DD>retinal scans, 16
<DD>reusable passwords, 42–43, 51–52
<DD>rights, Windows NT security, 97–98
<DD>risk assessment, 3–4, 6–9, 245
<DL>
<DD>impersonation likelihood, 136–137
<DD>Internet Protocol (IP), 135
<DD>network security, 157–162
<DD>vulnerability scanners (<I>See</I> <I>also</I> scanners), 173–174
</DL>
<DD>rlogin-froot, 176, 193, 267
<DD>role-based models, 110
<DD>root access problems, 33, 103, 185–186, 193, 256–258
<DD>routers, network security, 127, 130, 148, 158–159, 264
<DD>routing interchange protocol (RIP), 141
<DD>RSA public-key cryptography, 53
<DD>rule sets, 176–178, <B>177</B>
</DL>
<P><FONT SIZE="+1"><B>S</B></FONT></P>
<DL>
<DD>SAFESuite, Windows NT security, 297–298
<DD>salt for password enhancement, 36–37
<DD>SATAN, 268
<DD>saved set-group IDs (SSGID), UNIX security, 88
<DD>saved set-user IDs (SSUID), UNIX security, 88
<DD>scanners (<I>See</I> <I>also</I> vulnerability scanners), 22–23, 173–174, 181, 317, 324–325
<DD>scope in pattern matching, 247–248, 255
<DD>scope of entities in network, 122
<DD>screening routers, network security, 148, 158–159, 161
<DD>secondary group IDs, UNIX security, 87–97, 247–259
<DD>secret keys, 53
<DD>secure attention key (SAK), operating system security, 49
<DD>Secure Networks Inc. (SNI), 225, 243
<DD>secure socket layer (SSL), X.509 digital certificates, 69–70
<DD>security account manager (SAM), Windows NT security, 40
<DD>Security Dynamics, 74–77
<DD>security identifiers (SIDs), Windows NT security, 40–41, 97, 123
<DD>security kernel, 13–14, 117
<DD>security models, 3, 6–9
<DL>
<DD>access control, 18–20, 22, 81–111
<DD>auditing, 14, 20–21
<DD>augment vs. replace existing security, 25
<DD>authorization databases, 10–12
<DD>authorization, 10–12
<DD>availability of data, 5–6
<DD>basic security model, 9–14, 314
<DD>centralized security, 24
<DD>classic security model, 3–4
<DD>classifying security products, 21–25
<DD>confidentiality of data, 5–6
<DD>distributed computing environments (DCE), 24
<DD>distributed security, 24
<DD>enhancing the basic security model, 14–21
<DD>existing vs. new data sources, 25
<DD>firewalls, 26
<DD>generic IDS model, 176–178, <B>177</B>
<DD>goals of computer security, 4–6, 4
<DD>identification & authentication (I&A), 14–18, 22, 29–79
<DD>integrity of data, 5–6,
<DD>interval-based security products, 24, 173–174
<DD>intrusion detection systems (IDS), 23, 25–26
<DD>layered network security model, 114–119, <B>115,</B> 188, <B>189, </B>190–193
<DD>monitoring security, 23
<DD>network level security, 24
<DD>operating system security, 7–9
<DD>prevention, detection, response, 25–26
<DD>real-time security products, 24, 173–174
<DD>reference monitor, 10–12, <B>11</B>
<DD>role-based models, 110
<DD>scanners (see vulnerability scanners)
<DD>security kernel, 13–14, 117
<DD>system level security, 24
<DD>Tivoli Management Environment (TME), 110
<DD>tradeoffs of security vs. accessibility of data, 23
<DD>trusted computing base (TCB), 14
</DL>
<DD>security models, 6–9, 6
<DD>security reference monitor (SRM), Windows NT security, 283
<DD>security within security, network security, 122
<DD>self referencing and IDS, 324–325
<DD>sendmail bug, 189, 267
<DD>SeOS (Memco) to improve access control, 104–110, 193, 211–212
<DD>sequence in pattern matching, 247–248
<DD>sequence number guessing, 143–144, 267
<DD>servers
<DL>
<DD>ACE/Server (Security Dynamics), 74–77
<DD>network information system (NIS/NIS+), 37–39
<DD>network security, 165–166
<DD>security kernel, 13–14, 117
<DD>storing passwords in central server, 37–39
</DL>
<DD>session keys, Kerberos, 55–61
<DD>shadow password files, 31–32, 62
<DD>shared resource vulnerability, Windows NT security, 291
<DD>shoulder surfing, 34, 48
<DD>simple mail transfer protocol (SMTP), 123, 189
<DD>single message attacks, Internet Protocol (IP), 133
<DD>site security, 306
<DD>smart cards, 16, 74–76, <B>75</B>
<DD>SMB, 114
<DD>sniffers, 263–281, 319–320
<DL>
<DD>comparison of commercial sniffers, 276–280
<DD>cryptography/encryption vs., 271–272, 274
<DD>destination node setup, 273–276
<DD>internal attacks may be missed, 270–271, <B>271</B>
<DD>Internet Protocol (IP), 132
<DD>limitations, 270–276
<DD>NetRanger (IBM) sniffer, 277