Network Security Hacks [Electronic resources]

Andrew Lockhart

نسخه متنی -صفحه : 158/ 136

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [R] [S] [T] [U] [V] [W] [X] [Z]

backdoors

installed during root kit attacks

listening services that check for

bandwidth usage

tracking for machine with firewall rules

compiling and installing for Sguil

using with Snort

configuring Barnyard

limited database support

bash shell

setting up in chroot( ) environment

binaries, disallowing execution of

setuid, cautions with sudo utility

SUID or SGID bit

restricting zone transfers

bindip option, SnortSam

bit-for-bit copy of system disks

block-policy option (PacketFilter)

modifying for specific rules

booting compromised machine from an alternate media

browsers

acceptable formats for CA certs

Internet Explorer, listing files opened by

Mozilla, testing squid proxy

securing and accelerating with squid proxy over SSH

BSDs

IPsec connections under FreeBSD

IPsec connections under OpenBSD

netstat program, listing listening ports

OpenBSD and PacketFilter

systrace, restricting system calls with

buffer overflow attacks

avoiding by limiting range of bytes in request strings

kernel-based, preventing with grsecurity

stack-based, preventing

BusyBox, performing functions of system binaries