Graves K. — CEH: Official Certified Ethical Hacker Review Guide :: Электронная библиотека попечительского совета мехмата МГУ

Главная Ex Libris Книги Журналы Статьи Серии Каталог Wanted Загрузка ХудЛит Справка Поиск по индексам Поиск Форум

Авторизация

Поиск по указателям

Graves K. — CEH: Official Certified Ethical Hacker Review Guide

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: CEH: Official Certified Ethical Hacker Review Guide

Автор: Graves K.

Аннотация:

The Certified Ethical Hacker exam is quickly becoming one of the most popular security certifications offered today. Candidates much prove their ability in not only identifying security risks from all levels, but also how to address those risks. This book provides a concise, easy to follow approach to this difficult exam. Focusing 1000n the exam objectives, the CEH: Certified Ethical Hackers Review Guide is designed for those who feel they are ready to attempt this challenging exam. The book also comes with an interactive CD, including two Bonus Exams, a series of Flashcards, and a Glossary of Key Terms.

Язык:

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2007

Количество страниц: 264

Добавлена в каталог: 11.12.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID

Предметный указатель

007 Shell program      190
802.11i standard      161
A (address) record type      27
Access points, rogue      163
ACK (acknowledgment) packets      127 127
ACK flag      49—50 49
ACK scans      46
AckCmd program      190
Active attacks      3 4 75
Active Directory viruses      100
Active reconnaissance      5
Active session hijacking      126
Active sniffing      109
Active stack fingerprinting      52
Acunetix Web Vulnerability Scanner tool      143
Address (A) record type      27
Address range of networks      27
Address Resolution Protocol (ARP), poisoning      110
Address Resolution Protocol (ARP), spoofing      109
Address spoofing      See spoofing
Administrator account passwords      79
ADMutate tool      189
Adore rootkit      181
Advanced Encryption Standard (AES)      161
Aircrack tool      162
AirSnort tool      160 162
alternate data streams      83
Anonymizers      53—54
Anti-honeypot software      190
Antivirus evasion techniques      101
Application-level rootkits      81
Applications, executing      80
Applications, weaknesses in      3
ARIN database      24—25 25
Armored viruses      100
ARP (Address Resolution Protocol), poisoning      110
ARP (Address Resolution Protocol), spoofing      109
Arpspoof tool      112
Art of manipulation      31—32
Assessments, security      204—205
Asymmetric key cryptography      196
Attachments      34
Attack phase in penetration, testing      206
Attacks, defined      2
Attrib command      83
Audit disabling      85
AuditPol tool      85
Authentication, hijacking      142 144
authentication, two-factor      76
Authentication, types      144
Authentication, wireless networks      161 163
Automated network-tracing tools      124
Automated password guessing      76
Backdoors      81 91—93
BackOrifice 2000 tool      95
BackOrifice Trojan      93
BackStealth tool      54
Banner grabbing      52
Basic HTTP authentication      144
Beast tool      96
Biometrics      76
Bit-flipping attacks      9
Black Hats      7
black-box testing      12
Black-hat tests      205
BlackWidow tool      143
Blindside application      84
Blowfish algorithm      197—198
BoSniffer tool      95
botnets      123
BOTs      123
Breach incidents      170—171
brute-force attacks      77 145
Bubonic tool      121
buffer overflows      80—81 151 154
Buffer overflows, exam essentials      155
Buffer overflows, mutation techniques      155
Buffer overflows, review questions      156—158
Buffer overflows, stack-based      154—155
Buffer overflows, types and detection      154
Buffer overflows, web application      142—143
Burp tool      143
C/C++ functions, buffer overflows for      155
C2MYAZZ tool      71
cache poisoning      111
Cain & Abel tool      112
Camera/Shy tool      84
Camouflage viruses      100
Canonical name (CNAME) record type      27
Canvas tool      208
Cavity viruses      100
Change intervals, password      73
Channels in Trojans      94
Cheops tool      52
Clearing event logs      86
CNAME (canonical name) record type      27
Command injection      142—143
Competitive intelligence      22—23
Compiling Linux kernel      179—180
Computer-based social engineering      32—33
ComputerSpy Key Logger tool      96
Conclusion phase in security evaluation plans      12
Conduct Security Evaluation Plan phase      12
Construction kits, Trojans      97
Cookie poisoning and snooping      142—143
CORE IMPACT tool      140 207
Cottrell, Lance      53
Countermeasures, DoS attacks      124—125
Countermeasures, IDS and honeypots      191
Countermeasures, NTFS streams      83—84
Countermeasures, null sessions      57—58
Countermeasures, password-cracking techniques      72—73 145
countermeasures, port scanning      45—46
Countermeasures, rootkits      82
Countermeasures, session hijacking      129
Countermeasures, SMB attacks      71—72 71
Countermeasures, sniffers      113
Countermeasures, SNMP enumeration      59
Countermeasures, social engineering      35—36
Countermeasures, SQL injection attacks      153—154
Countermeasures, steganography      85
Countermeasures, Trojans      98—99
Countermeasures, web application hacking      143—144
Countermeasures, wireless hacking      164
Covering tracks      6 85—86
covert channels      94
Covert_TCP program      190
CPU Hog tool      121
crackers      7—8
Cracking passwords techniques      68—69
Cracking passwords techniques, countermeasures      72—73
Cracking passwords techniques, Lan Manager hashing      69—70
Cracking passwords techniques, SMB redirection      70—72 71
Cracking passwords techniques, web-based      See web-based password cracking techniques
Cracking passwords techniques, Windows 2000      70
Cross-site scripting      142—143
Cryptography      195—196
Cryptography algorithms      197—198
Cryptography, exam essentials      198
Cryptography, keys      197
Cryptography, review questions      199—201
Cyber Security Enhancement Act of 2002      13
CyberSpy tool      96
Data-Sending Trojans      94
DDoS (Distributed Denial of Service) attacks      93 120—122
DDoS (Distributed Denial of Service) attacks, characteristics      122—123
DDoS (Distributed Denial of Service) attacks, countermeasures      124—125
Deep Throat Trojan      93
Defacing websites      139
Demilitarized Zones (DMZs)      138 190

denial of service (DoS) attacks      119—120
Denial of Service (DoS) attacks, BOTs and BOTNETs      123
Denial of Service (DoS) attacks, countermeasures      124—125
Denial of Service (DoS) attacks, DDoS      93 120—123
Denial of Service (DoS) attacks, exam essentials      130
Denial of Service (DoS) attacks, NetBIOS      72
Denial of Service (DoS) attacks, purpose      8
Denial of Service (DoS) attacks, review questions      131—135
Denial of Service (DoS) attacks, smurf      124
Denial of Service (DoS) attacks, SYN flood      124
Denial of Service (DoS) attacks, Trojans      94
Denial of Service (DoS) attacks, types      120—122
Denial of Service (DoS) attacks, wireless      163
DEPLOY.EXE program      81
Destructive Trojans      94
Desynchronizing connections in session hijacking      125 128
dictionary attacks      77 145
Digest HTTP authentication      144
Directory traversal      142 144
Disabling auditing      85
display filters      110
Distributed Denial of Service (DDoS) attacks      93 120—122
Distributed Denial of Service (DDoS) attacks, characteristics      122—123
Distributed Denial of Service (DDoS) attacks, countermeasures      124—125
Distributed DNS Flooder tool      113
Distributions, Linux      178
DMZs (demilitarized zones)      138 190
Dnsspoof tool      112
DNSstuff.com tool      23
Domain Name System (DNS), enumeration      23 23—24
Domain Name System (DNS), record types      27
Domain Name System (DNS), spoofing      111—113
Domain Name System (DNS), tables      22
Domain Name System (DNS), zone transfer      59
Donald Dick tool      95
DoS attacks      See Denial of Service (DoS) attacks
Drawing network diagrams      52—53
Dskprobe tool      85
Dsniff tools      99 112
DumpSec tool      56
Dumpster diving      33 78
E-mail Keylogger      79
e-mail tracking      29
eavesdropping      163
eBlaster tool      79
Education for social engineering      36
ELiTeWrap tool      97
elsave.exe utility      86
eMailTracking Pro tool      29
Encryption      195—196
Encryption algorithms      197—198
Encryption, exam essentials      198
Encryption, keys      197
encryption, passwords      75
encryption, wireless networks      161 163
Encryption,review questions      199—201
Enum utility      60
Enumeration      41 55
Enumeration, characteristics      56
Enumeration, DNS      23 23—24
Enumeration, exam essentials      60—61
Enumeration, null sessions      56—58
Enumeration, review questions      62—66
Enumeration, SNMP      58—59
Enumeration, steps      60
Enumeration, Windows 2000 DNS zone transfer      59
Erasing evidence      85—86
Escalating privileges      79—80 206
Ethereal sniffer      109—110
EtherFlood tool      112
EtherPeek sniffer      109
Ethical hacking      1
Ethical hacking, characteristics      7—8
Ethical hacking, conducting      11—13 11
Ethical hacking, exam essentials      14—15
Ethical hacking, goals      8—9
Ethical hacking, hacker classes      6—7
Ethical hacking, legal implications      13—14
Ethical hacking, phases      4—6 4
Ethical hacking, purpose      8
Ethical hacking, reports      13
Ethical hacking, review questions      16—18
Ethical hacking, security, functionality, and ease of use triangle      9—10 9
Ethical hacking, skills      10
Ethical hacking, terminology      2—3
Ethical hacking, types      3—4 4 12
event logs, clearing      86
Event logs, monitoring      73
Evidence Eliminator system      86
Evidence, erasing      85—86
Executing applications      80
Executing, implanting, and retracting phase in penetration testing      206
expand command      70
Exploiting vulnerabilities      8
Exploits, defined      2
External assessment tests      204—205
Fast infectors      100
Fearless Key Logger      79
Federal law      14
files, hiding      83—84
Files, verifying      99
Filtered Nmap scans      46
Filters, Ethereal      110
Filters, MAC address      162
FIN scans      49—50
Find_ddos tool      125
Fingerprinting      52
Firekiller 2000 tool      96
Firewalls      189—191
Firewalls with traceroute      28
Firewalls, exam essentials      191
Firewalls, review questions      192—194
Flood attacks, MAC      111
Flood attacks, SYN      124
FMS attacks      160
Footprinting      19—20
Footprinting, competitive intelligence      22—23
Footprinting, defining      20—21
Footprinting, DNS enumeration      23 23—24
Footprinting, DNS record types      27
Footprinting, e-mail tracking      29
Footprinting, exam essentials      29—30
Footprinting, information gathering      21—22 22
Footprinting, network address ranges      27
Footprinting, review questions      37—40
Footprinting, traceroute tool      28 28
Footprinting, web spiders      29
Footprinting, Whois and ARIN lookups      24—27
Fport tool      98
Friendly Pinger tool      45
FTP Trojans      94
Full-open scans      50
Gaining access phase      5
GCC compilation commands      180
GetAcct tool      60
GetAdmin.exe program      80
GFI LANguard scanner      207
GirlFriend Trojan      93
Glossary      214—223
GNU Compiler Collection (gcc)      180
Goals of ethical hacking      8—9
Google search engine in information gathering      20
Google search engine in web application hacking      143
Graffiti tool      97
Grey hats      7
Grey-box testing      13
Hackers, classes      6—7
Hacktivism      6
Half-open scans      48 50
Handshakes, three-way      49 49 126—127 127

1 2 3 4

О проекте