Attack through the Internet
Table of contents
Chapter 1. Introduction
1.1 Main concepts of computer security
1.2 Network security characteristics
1.3 Hackers vs. crackers
1.4 Main hackers’ targets
1.5 Network security: myths and reality
1.5.1 Hackers' power
1.5.2 Is your money secure?
1.5.3 Firewall as "absolute" network protection
1.6 Y2K and security issues
Chapter 2. Social engineering attacks
2.1 Social engineering: introduction
2.2 Social engineering attacks classification
2.3 Social engineering and human psychology
2.4 Computer systems intrusion examples
2.5 Social engineering over the Internet
2.5.1 IRC
2.5.2 E-MAIL
2.5.3 ICQ
2.6 How to protect yourself from social engineering attacks
2.6.1 Intrusion tests
2.6.2 User awareness
Chapter 3. Remote attacks in distributed computer systems
3.1 Remote attacks classification
3.2 Standard remote attack concept and mathematical model
3.2 Characteristics and realization mechanisms of standard remote attacks
3.2.1 Network traffic analysis
3.2.2 Trusted distributed object or subject substitution
3.2.3 Fake object of distributed computer system
3.2.4 Denial of service
Chapter 4. Remote attacks on Internet hosts
4.1 Internet traffic analysis
4.2 Fake ARP-server (ARP spoofing)
4.3 Fake DNS-server (DNS spoofing)
4.4 Forcing fake route to host using ICMP protocol (ICMP spoofing)
4.5 IP spoofing and TCP hijacking
4.5.1 TCP sequence number prediction by extrapolation of previous values
4.5.2 Using the lack of TCP-connection identification to attack rsh-server
4.6 TCP SYN flood or request buffer overflow
4.6.1 Windows NT under TCP SYN flood
4.7 Mythical Internet remote attacks
4.7.1 IP-fragmentation as firewall penetration
4.7.2 "Ping of Death"
4.8 Known operating system bugs
4.8.1 Land
4.8.2 Teardrop
4.8.3 Smurf
4.8.4 Out of band (OOB)
Chapter 5. Methods of port scanning
5.1 “Known source” methods of port scanning
5.1.1 TCP SYN scanning
5.1.2 TCP FIN scanning
5.1.3 IP fragmentation scanning
5.1.4 TAP IDENT scanning
5.2 Anonymous methods of port scanning
5.2.1 FTP bounce attack
5.2.2 “Dumb” host scanning
5.2.3 “Proxy” scanning
Chapter 6. Remote attacks success causes
6.1 Remote attacks success causes in the distributed computer systems
6.2 Remote attacks success causes in the Internet
Chapter 7. Secure distributed computer systems
7.1 Leased line between distributed objects
7.2 Virtual channel as additional identification and authentication tool for distributed objects
7.3 Message route checking and control
7.4 Virtual connection checking and control
7.5 Design of distributed computer system with fully pre-determined object information to eliminate remote search
Chapter 8. How to protect yourself from remote Internet attacks
8.1 Administrative protection
8.2 Software and hardware protection tools and methods
Chapter 9. Remote attacks on operating systems
9.1 Introduction
9.2 Standard attacks scenarios classification in UNIX
9.3 The beginning (before the Worm)
9.4 Buffer overflow technology
9.5 The Worm
9.5.1 Strategies the Worm uses
9.6 After the Worm
9.6.1 Trying a password
9.6.2 Typical attacks
9.6.3 Trusted attacks
9.7 Present-day situation
9.7.1 telnetd daemon error
9.7.2 sendmail error
9.7.3 wu-ftpd vulnerabilities
9.7.4 innd vulnerabilities
9.8 UNIX vulnerabilities existence causes
9.9 Windows NT
9.9.1 Windows NT: classification of vulnerabilities causes
9.9.2 System services buffer overflow
9.9.3 Getting administration rights
9.9.4 Resource sharing and anonymous user
9.9.5 SMB in the Internet
9.9.6 Identification and authentication procedures
9.10 How to protect your host?
9.11 Software tools of security checking
9.11.1 SATAN
9.11.2 SAFESuite family
Chapter 10. Attacks through WWW
10.1 Attack on WWW-clients
10.1.1 Browser security
10.1.2 Java applets security
10.1.3 Other client applications security
10.1.4 Viruses and Trojans
10.2 Attack on Web-server
10.3 CGI scripts security
10.3.1 CGI Introduction
10.3.2 Known CGI-errors
10.3.3 Known CGI-scripts errors
10.3.4 Creating secure CGI-scripts
10.4 Using server-based applications to attack the WWW-clients
10.4.1 Cookies security
10.4.2 Identification problems