Graves K. — CEH: Official Certified Ethical Hacker Review Guide :: Электронная библиотека попечительского совета мехмата МГУ

Главная Ex Libris Книги Журналы Статьи Серии Каталог Wanted Загрузка ХудЛит Справка Поиск по индексам Поиск Форум

Авторизация

Поиск по указателям

Graves K. — CEH: Official Certified Ethical Hacker Review Guide

Обсудите книгу на научном форуме

Нашли опечатку?
Выделите ее мышкой и нажмите Ctrl+Enter

Название: CEH: Official Certified Ethical Hacker Review Guide

Автор: Graves K.

Аннотация:

The Certified Ethical Hacker exam is quickly becoming one of the most popular security certifications offered today. Candidates much prove their ability in not only identifying security risks from all levels, but also how to address those risks. This book provides a concise, easy to follow approach to this difficult exam. Focusing 1000n the exam objectives, the CEH: Certified Ethical Hackers Review Guide is designed for those who feel they are ready to attempt this challenging exam. The book also comes with an interactive CD, including two Bonus Exams, a series of Flashcards, and a Glossary of Key Terms.

Язык:

Рубрика: Технология/

Статус предметного указателя: Готов указатель с номерами страниц

ed2k: ed2k stats

Год издания: 2007

Количество страниц: 264

Добавлена в каталог: 11.12.2007

Операции: Положить на полку | Скопировать ссылку для форума | Скопировать ID

Предметный указатель

Hard Drive Killer Pro programs tool      96
Hardening methods      6
Hardening methods, Linux      181
Hardening methods, web servers      140—141
Hardware firewalls      189
Hardware keyloggers      78—79
Harris Stat tool      52
Hashed passwords      75
hashing algorithms      69—70
Heap-based buffer overflows      154
Hiding data      84—85
Hiding files      83—84
HIDSs (host-based IDSs)      188
Hijacking authentication      142 144
Hijacking session      See session hijacking
Hk.exe utility      80
Honeyd honeypot      191
honeypots      190—191
Honeypots, exam essentials      191
Honeypots, review questions      192—194
Host-auditing tools      124
Host-based IDSs (HIDSs)      188
hotfixes      140
Hping2 tool      51
HTTP, authentication      144
HTTP, tunneling techniques      54
HTTPort tool      54
HTTrack tool      52—53
Human-based social engineering      32—33
Hunt program      128
Hybrid attacks      77 145
Hyena tool      56
ICANN (Internet Corporation for Assigned Names and Numbers)      24
ICMP (Internet Control Message Protocol) scanning      44
ICMP Shell program      190
Icmpenum tool      51
IconPlus tool      97
Identity theft      33
IDLE scans      49
IDS      See intrusion detection systems (IDS)
IIS Unicode exploits      139—140
IKS (Invisible KeyLogger Stealth) Software Logger driver      79
ImageHide program      84
Impersonation      32
Infection, virus      100
Information gathering      5
Information gathering, Google search engine for      20
Information gathering, methodology      21—22 22
Information theft      9
Injection command      142—143
Injection, session hijacking      125 128
Injection, SQL      See SQL injection attacks
Inside attacks      3 4 33
Instant Source tool      143
Inter Process Communication share (IPC$)      57
Internal assessment tests      205
Internet Control Message Protocol (ICMP) scanning      44
Internet Corporation for Assigned Names and Numbers (ICANN)      24
Internet spoofing      111
Intranet spoofing      111
Intrusion detection systems (IDS), DoS attacks      124
Intrusion detection systems (IDS), evading      189
Intrusion detection systems (IDS), exam essentials      191
Intrusion detection systems (IDS), port scanning      43
Intrusion detection systems (IDS), review questions      192—194
Intrusion detection systems (IDS), types      188—189
Intrusion phase in DDoS attacks      123
Intrusion prevention systems (IPS)      45 188
Invisible KeyLogger Stealth (IKS) Software Logger driver      79
Inzider tool      98
IP Network Browser tool      58
IP Restrictions Scanner (IRS) tool      112
IP spoofing      54
IP Watcher tool      128
IPC$ (Inter Process Communication share)      57
IPEye tool      50
IPS (intrusion prevention system)      45 188
IPSecScan tool      50
Iris sniffer      109
IRS (IP Restrictions Scanner) tool      112
ISS Internet Scanner      207
John the Ripper tool      69
Jolt2 tool      121
Juggernaut sniffer      128
KerbCrack tool      69
Kernel-level rootkits      81
Kernels, Linux, compiling      179—180
Kernels, Linux, modules      180—181
Keyloggers      78—79
Keys, cryptography      197
Keystroke loggers      78—79
KFSensor IDS      191
KingPingicmpenum tool      51
Kismet tool      162
Knark rootkit      181
L0phtCrack tool      69
Lan Manager hashing      69—70
LAND attacks      121
LDAP (Lightweight Directory Access Protocol)      59
Leaving marks      206
Legal issues, hacking      13—14
Legal issues, penetration testing      206
Legion tool      69
LetMeRule tool      96
Library-level rootkits      81
Lightweight directory access protocol (LDAP)      59
Linux      177—178
Linux Kernel Modules (LKMs)      180—181
Linux, basics      178—179
Linux, exam essentials      182
Linux, hardening methods      181
Linux, kernel compilation      179—180
Linux, kernel modules      180—181
Linux, review questions      183—185
LNS.exe tool      84
Local exploits      2
Local network hacks      12
Logons, redirecting      70—72 71
Logs, clearing      86
Logs, keyloggers      78—79
Logs, monitoring      73
Loki tool      94
MAC addresses, ARP poisoning      110
MAC addresses, flooding      111
MAC addresses, spoofing      9 162—163
MAC Changer tool      113
Macof tool      112
Mail attachments      34
Mail exchange (MX) record type      27
MailTracking.com tool      29
Maintaining access phase      6
Makestrm.exe utility      83
malware      99
Man-in-the-middle (MITM) attacks      75
Manipulation      31—32
Masquerading      163
Masters in DDoS attacks      123
Masters Paradise Trojan      93
MBSA (Microsoft Baseline Security Analyzer)      207
Message Digest 5 (MD5) algorithm      82 197
Metasploit framework      140 208
Microsoft Baseline Security Analyzer (MBSA)      207
Misconfiguration weaknesses      3
MITM (man-in-the-middle) attacks      75
Mixed mode security      161
Modules, Linux      180—181
Monitoring Event Viewer logs      73
MP3Stego tool      84
Mstream tool      122
Multipartite viruses      100

MX (mail exchange) record type      27
N-Stalker Web Application Security Scanner tool      140
Name server (NS) record type      27
NBName tool      72
NBTdeputy tool      72
NeoTrace tool      29
Nessus Vulnerability Scanner      191 207
Net start _root_ command      82
Net stop _root_ command      82
NetBIOS Auditing Tool      56
NetBIOS, DoS attacks      72
NetBIOS, enumeration      57
NetBus 2 Trojan      93
NetBus tool      95
NetBus Trojan      93
Netcat Trojan      96
Netcraft tool      52
Netcraft website      53
NetINTERCEPTOR firewall      113
Netscan Tools Pro 2000      51
NetStumbler tool      162
network diagrams      52—53
Network-auditing tools      124
Network-based IDSs (NIDSs)      188
Network-ingress filtering      124
Networks, address ranges      27
Networks, scanning      43
Networks, wireless      See wireless hacking
NIDSs (network-based IDSs)      188
Nmap tool      46—48
Nonelectronic password attacks      78
NOP (No Operation) instructions      155
NS (name server) record type      27
nslookup tool      23 59
NT Lan Manager (NTLM), hashing      69—70
NTFS, file streams      83—84
NTFS, viruses      100
NTInfoScan tool      69
NULL scans      46 49—50
null sessions      56—58
Offline NT Password Resetter method      70
Offline password attacks      77
Online password attacks      74—75
Online scams      34
Open Nmap scans      46
Operating systems, fingerprinting      52
Operating systems, weaknesses      3
Operational security      171
Outside attacks      3 4
Overflows, buffer      See buffer overflows
Overt channels      94
Owning the system      5
Packet Crafter tool      112
Packet injection      125 127—128 127
Packet-sniffers      188
Packet-tracking tools      28 28
Pandora's Box kit      97
Passive attacks      3 4 74—75
Passive reconnaissance      5
Passive session hijacking      126
Passive sniffing      109
Passive stack fingerprinting      52
Password-cracking techniques      68—69
Password-cracking techniques, countermeasures      72—73
Password-cracking techniques, Lan Manager hashing      69—70
Password-cracking techniques, SMB redirection      70—72 71
Password-cracking techniques, web-based      See web-based password cracking techniques
Password-cracking techniques, Windows 2000      70
Passwords, automated password guessing      76
Passwords, change intervals      73
Passwords, nonelectronic attacks      78
Passwords, offline attacks      77
Passwords, online attacks      74—75
Passwords, SNMP      58
Passwords, types      74—75
patch management      140
Penalties of unauthorized hacking      13
penetration testing      8 203—204
Penetration testing, automated tools      207—208
Penetration testing, deliverables      208
Penetration testing, exam essentials      208
Penetration testing, legal framework      206
Penetration testing, overview      204—205
Penetration testing, review questions      209—211
Penetration testing, steps      205—206
Perimeter hardware firewalls      189
Perimeters in penetration testing      206
Permissions, escalating      79—80 206
Phases, ethical hacking      4—6
phishing      32 34—35
Phonesweep tool      51
Physical security      169—170
Physical security, accountability for      172
Physical security, breach incidents      170—171
Physical security, categories      171
Physical security, exam essentials      172—173
Physical security, factors      172
Physical security, need for      171
Physical security, review questions      174—176
Physical-entry attacks      12
Ping of Death attacks      121
Ping sweeps      44—45
Pinger tool      45
Pointer (PTR) record type      27
Poisoning, ARP      110
Poisoning, cookie      142—143
Poisoning,DNS      111—113
Polymorphic viruses      100
pop-up windows      34
port numbers, well-known      43
port scanning      43 45—46
Port-monitoring tools      98
Posing      32
Post-attack phase in penetration testing      206
PrcView tool      98
Preparation phase in security evaluation plans      11 11
Private keys      197
privilege escalation      79—80 206
Progenic Mail Trojan Construction Kit      97
Proxy servers in attacks      53
Proxy servers, DNS poisoning      111
Proxy Trojans      94
PsExec program      80
PSH flag      50
PTR (pointer) record type      27
Public key cryptography      196
Public keys      197
pwdump2 tool      71
QualysGuard scanner      207
Queso tool      52
Raina, Kapil      31
Rate-limiting network traffic      124
RATs (Remote Access Trojans)      92 94
Rattling the doorknobs      5
RC4 algorithm      197—198
RC5 algorithm      197—198
Read community strings      58
Read/write community strings      58
Reconnaissance phase      5
Record types, DNS      27
Redirection, SMB      70—72 71
Remote Access Trojans (RATs)      92 94
Remote dial-up network hacks      12
Remote exploits      2
Remote network hacks      12
Remote TCP Session Reset Utility      128
replay attacks      75
Retina scanner      207
Reverse social engineering      33
Reverse WWW shell      190

1 2 3 4

О проекте