Microsoft Encyclopedia of Security

  • ポイントキャンペーン

Microsoft Encyclopedia of Security

  • ただいまウェブストアではご注文を受け付けておりません。 ⇒古書を探す
  • 製本 Paperback:紙装版/ペーパーバック版/ページ数 449 p.
  • 言語 ENG
  • 商品コード 9780735618770
  • DDC分類 005.803

Full Description


Get the single resource that defines-and illustrates-the rapidly evolving world of computer and network security. The MICROSOFT ENCYCLOPEDIA OF SECURITY delivers more than 1000 cross-referenced entries detailing the latest security-related technologies, standards, products, services, and issues-including sources and types of attacks, countermeasures, policies, and more. You get clear, concise explanations and case scenarios that deftly take you from concept to real-world application-ready answers to help maximize security for your mission-critical systems and data. Know your vulnerabilities-understand the ways black-hat attackers footprint and enumerate systems, exploit security holes, crack passwords, elevate privileges, and cover their tracks. Deploy your best defense-review fundamental concepts of intrusion detection systems, encryption technologies, virus protection, and computer forensics. Stay one step ahead-keep pace with emerging security technologies, such as Wi-Fi Protected Access and XML Encryption; recent government legislation; and the latest industry trends. Decipher security acronyms-from AES to XMLDSIG and 3DES to 802.11i, decode essential terms. Build your own network of resources-from professional associations and standards organizations to online communities and links to free information, know how to stay current. Get an edge in certification preparation-ideal reference for anyone pursuing Security+, MCSE, CISSP, GIAC, and other professional certifications. Entries include: Advanced Encryption Standard backdoors CERT/CC cookie poisoning digital rights management dynamic packet filtering E-SIGN Act file slack hacking honeypots ICMP tunneling IPSec John the Ripper keystroke logging L2TP L0phtCrack managed security service providers message digests NIAP Nmap Qchain one-time passwords password cracking PKI port scanning privacy reverse Telnet Safe Harbor Agreement spoofing Tcp_wrapper Trin00 UDP scanning viruses wardriving Windows cryptographic API XML signatures Web services security worms zombie zapper and more

Table of Contents

Acknowledgements                                   xxi
Introduction xxiii
What Is Computer Security? xxiii
Threats and Vulnerabilities xxiii
Standards and Protocols xxiii
Hacking and Cracking xxiv
Tools and Procedures xxv
Organizations and Certifications xxv
Cryptography xxv
Legal Issues xxvi
Who This Work Is For xxvi
How This Work Is Organized xxvi
Disclaimer xxvii
Comments and Questions xxvii
Alphabetical Reference of Terms
Numbers
3DES 1 (1)
802.1x 1 (2)
802.11i 3 (1)
2600 3 (2)
A
A5 5 (1)
AAA 5 (1)
acceptable use policy (AUP) 5 (1)
access 6 (1)
access control 6 (1)
access control entry (ACE) 7 (1)
access control list (ACL) 7 (1)
access list 8 (1)
access mask 9 (1)
access token 9 (1)
account lockout 9 (1)
account lockout policy 10 (1)
account policy 10 (1)
ACE 10 (1)
ACK storm 10 (1)
ACL 11 (1)
AclDiag 11 (1)
ACPA 11 (1)
ACSA 11 (1)
ACSAC 11 (1)
Active Directory 11 (1)
adaptive proxy 12 (1)
Adaptive Security Algorithm (ASA) 12 (1)
address-based authentication 12 (1)
address munging 13 (1)
address spoofing 13 (1)
Administrator 13 (1)
Admintool 14 (1)
admnlock 14 (1)
ADMw0rm 14 (1)
Advanced Encryption Standard (AES) 14 (1)
Advanced Security Audit Trail Analysis on 15 (1)
UNIX (ASAX)
Advanced Transaction Look-up and Signaling 15 (1)
(ATLAS)
advisory 16 (1)
adware 16 (1)
AES 16 (1)
AH 17 (1)
AKE 17 (1)
alert 17 (1)
alert flooding 17 (1)
Amap 17 (1)
amplification attack 18 (1)
Annual Computer Security Applications 18 (1)
Conference (ACSAC)
anomaly-based IDS 18 (1)
anonymous access 19 (1)
anonymous proxy 19 (1)
anonymous Web browsing 19 (1)
Anticybersquatting Consumer Protection Act 20 (1)
(ACPA)
AntiSniff 20 (1)
antivirus software 20 (1)
application-level gateway 20 (1)
application-level proxy 21 (1)
application protection system (APS) 21 (1)
Application Security Tool (AppSec) 21 (1)
Applications as Services (Srvany) 21 (1)
Applied Computer Security Associates (ACSA) 22 (1)
AppSec 22 (1)
APS 22 (1)
Apsend 22 (1)
APSR 23 (1)
arbitrary code execution attack 23 (1)
Argus 23 (1)
ARP cache poisoning 23 (1)
ARP redirection 24 (1)
ARP spoofing 24 (1)
Arpwatch 24 (1)
AS 25 (1)
ASA 25 (1)
ASAX 25 (1)
ASP.NET Forms authentication 25 (1)
assets 25 (1)
asymmetric key algorithm 25 (1)
ATLAS 26 (1)
ATR string 26 (1)
attack 27 (1)
attack map 27 (1)
auditing 28 (1)
audit log 29 (1)
Auditpol 29 (1)
audit policy 29 (1)
audit trail 30 (1)
Augmented Key Exchange (AKE) 30 (1)
AUP 31 (1)
AusCERT 31 (1)
Australian Computer Emergency Response Team 31 (1)
(AusCERT)
authentication 31 (1)
Authentication, Authorization, and 32 (1)
Accounting (AAA)
Authentication Header (AH) 32 (1)
authentication package 33 (1)
authentication server (AS) 33 (1)
Authenticode 33 (1)
authorization 34 (1)
authorization creep 34 (1)
autologon 34 (1)
autorooter 34 (1)
B
backdoor 35 (1)
Back Orifice 35 (1)
Back Orifice 2000 (BO2K) 36 (1)
backup authority 37 (1)
backup plan 37 (1)
Badtrans.B 37 (1)
bandwidth consumption attack 38 (1)
banner grabbing 38 (1)
base content type 38 (1)
Basic authentication 38 (1)
Basic Encoding Rules (BER) 39 (1)
Bastille 39 (1)
bastion host 39 (1)
BBBOnLine 40 (1)
behavior-blocking software 40 (1)
BER 41 (1)
biometric identification 41 (1)
BIOS cracking 42 (1)
black hat 43 (1)
Black Hat Briefings 43 (1)
blackholing 43 (1)
BLOB 44 (1)
block cipher 44 (1)
Blowfish 44 (1)
BO2K 45 (1)
boink attack 45 (1)
bonk attack 45 (1)
Brown Orifice 45 (1)
BRP 46 (1)
brute-force attack 46 (1)
bucket brigade attack 46 (1)
buffer overflow 46 (1)
buffer overrun 46 (1)
Bugtraq 47 (1)
bulk encryption key 47 (1)
business continuity plan 47 (1)
business resumption plan (BRP) 47 (2)
C
CA 49 (1)
CA certificate 49 (1)
CA hierarchy 49 (1)
cache poisoning 50 (1)
callback 50 (1)
Canadian Centre for Information Technology 50 (1)
Security (CCITS)
canonicalization error 50 (1)
CAPI 51 (1)
CAPICOM 51 (1)
Carnivore 51 (1)
CAS 51 (1)
CAST 51 (1)
CBC 51 (1)
CCA 51 (1)
CCITS 51 (1)
cDc 52 (1)
Center for Education and Research in 52 (1)
Information Assurance and Security (CERIAS)
Center for Internet Security (CIS) 52 (1)
CERIAS 52 (1)
CERT/CC 52 (1)
CERT Coordination Center (CERT/CC) 52 (1)
certificate 53 (1)
certificate authority (CA) 53 (1)
certificate-based authentication 53 (1)
Certificate Information Systems Auditor 54 (1)
(CISA)
certificate request 54 (1)
certificate revocation list (CRL) 54 (1)
certificate server 54 (1)
certificate store 55 (1)
certificate trust list (CTL) 55 (1)
Certified Information Systems Security 55 (1)
Professional (CISSP)
CFB 56 (1)
chaining mode 56 (1)
Challenge Handshake Authentication Protocol 56 (1)
(CHAP)
challenge response authentication 56 (1)
CHAP 57 (1)
Chernobyl 57 (1)
chief security officer (CSO) 57 (1)
chosen ciphertext attack 58 (1)
chosen plaintext attack 58 (1)
chroot jail 58 (1)
CIAC 59 (1)
cipher 59 (1)
cipher block chaining (CBC) 59 (1)
cipher feedback (CFB) 59 (1)
cipher mode 59 (1)
ciphertext 60 (1)
ciphertext-only attack 60 (1)
CIS 60 (1)
CISA 60 (1)
CISSP 60 (1)
cleartext 60 (1)
clogging attack 61 (1)
code access permissions 61 (1)
code access security (CAS) 61 (1)
CodeRed 61 (1)
code signing 62 (1)
Common Criteria & Methodology for 62 (1)
Information Technology Security Evaluation
Common Cryptographic Architecture (CCA) 63 (1)
Common Vulnerabilities and Exposures (CVE) 63 (1)
compromised system 63 (1)
computer forensics 64 (1)
Computer Incident Advisory Capability (CIAC) 64 (1)
Computer Security Division (CSD) 65 (1)
computer security incident response team 65 (1)
(CSIRT)
Computer Security Institute (CSI) 65 (1)
confidentiality 66 (1)
confidentiality agreement 66 (1)
consensus baseline security settings 66 (1)
cookie poisoning 67 (1)
covert channel 67 (1)
cracking 68 (1)
CRC 69 (1)
credentials 69 (1)
CRL 69 (1)
cross-realm authentication 69 (1)
cross-site scripting (CSS) 69 (1)
cryptanalysis 70 (1)
CryptoAPI (CAPI) 70 (1)
cryptographic hash function 71 (1)
cryptographic service provider (CSP) 71 (1)
cryptography 71 (1)
cryptology 72 (1)
cryptosystem 72 (1)
CSD 72 (1)
CSI 72 (1)
CSIRT 72 (1)
CSO 72 (1)
CSP 72 (1)
CSS 72 (1)
CTL 73 (1)
Cult of the Dead Cow (cDc) 73 (1)
CVE 73 (1)
cybercrime 73 (1)
cyclical redundancy check (CRC) 73 (2)
D
DAC 75 (1)
DACL 75 (1)
Data Encryption Algorithm (DEA) 75 (1)
Data Encryption Standard (DES) 75 (1)
data integrity 75 (1)
Data Protection API (DPAPI) 76 (1)
DCS-1000 76 (1)
DDoS 77 (1)
DEA 77 (1)
decryption 77 (1)
Defcon 77 (1)
defense in depth 78 (1)
demilitarized zone (DMZ) 78 (1)
denial of service (DoS) 79 (1)
Department of Defense Information 80 (1)
Technology Security Certification and
Accreditation Process (DITSCAP)
DES 80 (1)
DESX 80 (1)
DH 81 (1)
dictionary attack 81 (1)
Diffie-Hellman (DH) 81 (1)
diffing 81 (1)
Digest authentication 82 (1)
DigiCrime 83 (1)
digital certificate 83 (1)
digital fingerprinting 83 (1)
digital forensics 83 (1)
Digital Millennium Copyright Act (DMCA) 84 (1)
Digital Rights Management (DRM) 84 (1)
digital signature 85 (1)
Digital Signature Algorithm (DSA) 86 (1)
Digital Signature Standard (DSS) 86 (1)
digital watermarking 87 (1)
disaster recovery plan (DRP) 87 (1)
discretionary access control (DAC) 88 (1)
discretionary access control list (DACL) 88 (1)
distributed denial of service (DDoS) 89 (1)
DITSCAP 90 (1)
DMCA 90 (1)
DMZ 91 (1)
DNS cache poisoning 91 (1)
DNS spoofing 91 (1)
DoS 91 (1)
dot bug vulnerability 91 (1)
DPAPI 92 (1)
DRM 92 (1)
DRP 92 (1)
DSA 92 (1)
Dsniff 92 (1)
DSS 92 (1)
dynamic packet filtering 92 (1)
dynamic proxy 93 (2)
E
EAP 95 (1)
EAP-TLS 95 (1)
EAP-TTLS 95 (1)
eavesdropping 95 (1)
ECB 96 (1)
ECC 96 (1)
ECDSA 96 (1)
EFS 96 (1)
egress filtering 96 (1)
EICAR 97 (1)
EKE 97 (1)
Electronic Codebook (ECB) 98 (1)
Electronic Privacy Information Center (EPIC) 98 (1)
Electronic Signatures in Global and 98 (1)
National Commerce (E-SIGN) Act
elevation of privileges (EoP) 99 (1)
El Gamal 99 (1)
elliptic curve cryptography (ECC) 99 (1)
Elliptic Curve Digital Signature Algorithm 100 (1)
(ECDSA)
Encapsulating Security Payload (ESP) 100 (1)
Encrypted Key Exchange (EKE) 100 (1)
Encrypting File System (EFS) 101 (1)
encryption 101 (1)
encryption algorithm 101 (1)
end-to-end encryption 102 (1)
ENUM 103 (1)
enumeration 103 (1)
EoP 104 (1)
EPIC 104 (1)
E-SIGN Act 104 (1)
ESP 104 (1)
/etc/passwd 104 (1)
Ethereal 104 (1)
European Institute of Computer Anti-Virus 105 (1)
Research (EICAR)
event logs 105 (1)
exploit 105 (1)
exposure 106 (1)
Extensible Authentication Protocol (EAP) 106 (1)
Extensible Authentication 107 (1)
Protocol--Transport Layer Security (EAP-TLS)
Extensible Authentication 107 (2)
Protocol--Tunneled Transport Layer Security
(EAP-TTLS)
F
Fair Information Practices (FIP) 109 (1)
false negative 109 (1)
false positive 110 (1)
fast packet keying 110 (1)
FedCIRC 110 (1)
Federal Computer Incident Response Center 110 (1)
(FedCIRC)
Federal Information Processing Standard 111 (1)
(FIPS)
Federal Information Technology Security 111 (1)
Assessment Framework (FITSAF)
file integrity checker 111 (1)
File Signature Verification (FSV) 112 (1)
file slack 112 (1)
file system traversal attack 113 (1)
filter 113 (1)
Finger 114 (1)
fingerprinting 114 (1)
FIP 115 (1)
FIPS 115 (1)
firewall 115 (1)
First 116 (1)
Fitsaf 117 (1)
footprinting 117 (1)
Fortezza 117 (1)
Forum of Incident Response and Security 117 (1)
Teams (FIRST)
Fping 118 (1)
Fpipe 118 (1)
Fport 118 (1)
fragmentation 119 (1)
FSV 119 (1)
FTP bounce attack 119 (2)
G
GetAdmin 121 (1)
GIAC 121 (1)
Global Information Assurance Certification 121 (1)
(GIAC)
GnuPG 122 (1)
GNU Privacy Guard (GnuPG) 122 (1)
Goner 122 (1)
Good Times 123 (1)
gray hat 123 (1)
Group Policy 124 (1)
guest account 124 (1)
H
hacker 125 (1)
Hackers On Planet Earth (HOPE) 125 (1)
hacking 126 (1)
hacktivism 126 (1)
hardening 127 (1)
hardware security module (HSM) 127 (1)
hash 128 (1)
hashing algorithm 128 (1)
hash-based message authentication code 129 (1)
(HMAC)
headless server 129 (1)
hex editor 130 (1)
hex encoding URL attack 130 (1)
HFNetChk 130 (1)
hidden file 130 (1)
HIDS 131 (1)
hierarchy of trust 131 (1)
hijacking 131 (1)
HMAC 131 (1)
hoax 131 (1)
Honeynet Project 132 (1)
honeypot 132 (1)
HOPE 133 (1)
host-based IDS 133 (1)
host-based intrusion detection system (HIDS) 133 (1)
host-based security 134 (1)
hotfix 134 (1)
Hping 135 (1)
HSM 135 (1)
.htaccess 135 (1)
HTTPS 135 (1)
hybrid attack 135 (2)
I
IA 137 (1)
IASE 137 (1)
IATF 137 (1)
ICMP attacks 137 (1)
ICMP enumeration 137 (1)
ICMP fingerprinting 138 (1)
ICMP flood 138 (1)
ICMP sweep 138 (1)
ICMP Traceback (itrace) 138 (1)
ICMP tunneling 138 (1)
IDEA 139 (1)
identity theft 139 (1)
idle host scan 140 (1)
IDS 141 (1)
IIS Lockdown Tool 141 (1)
IKE 141 (1)
IKEv2 141 (1)
Iloveyou 141 (1)
impersonation 141 (1)
incident 141 (1)
incident response 142 (1)
incident response team 142 (1)
infection 142 (1)
information assurance (IA) 143 (1)
Information Assurance Support Environment 143 (1)
(IASE)
Information Assurance Technical Framework 143 (1)
(IATF)
information leakage 144 (1)
Information Systems Audit and Control 144 (1)
Association (ISACA)
Information Systems Security Association 145 (1)
(ISSA)
Information Technology Security Evaluation 145 (1)
Criteria (ITSEC)
infosec 145 (1)
InfraGard 145 (1)
ingress filtering 146 (1)
initialization vector 146 (1)
input validation attack 146 (1)
insider attack 147 (1)
integrity 147 (1)
International Data Encryption Algorithm 147 (1)
(IDEA)
International Information Systems Security 148 (1)
Certification Consortium (ISC)2
Internet Key Exchange (IKE) 148 (1)
Internet Key Exchange version 2 (IKEv2) 149 (1)
Internet Protocol Security (IPSec) 149 (1)
Internet Security and Acceleration (ISA) 150 (1)
Server
intrusion 150 (1)
intrusion detection system (IDS) 150 (2)
intrusion prevention system (IPS) 152 (1)
IP address--based authentication 152 (1)
IP address restriction 152 (1)
IP address spoofing 153 (1)
IP fragmentation attack 153 (1)
Iplog 154 (1)
IPS 154 (1)
IPSec 154 (1)
IPSec filter 154 (1)
IPSec policy 154 (1)
IP spoofing 155 (1)
ISACA 155 (1)
ISA Server 155 (1)
(ISC)2 155 (1)
island-hopping 155 (1)
ISO 17799 155 (1)
ISSA 156 (1)
itrace 156 (1)
ITSEC 156 (1)
J
JFK 157 (1)
Jill 157 (1)
John the Ripper 157 (1)
Jolt2 157 (1)
Juggernaut 157 (1)
Just Fast Keying (JFK) 158 (1)
K
KDC 159 (1)
Kensington security slot 159 (1)
Kerberos 159 (1)
Kerberos policy 160 (1)
key 160 (1)
key distribution center (KDC) 161 (1)
keyed hash 161 (1)
keyed-hash message authentication code 162 (1)
key escrow 162 (1)
key exchange 163 (1)
key management 164 (1)
key pair 164 (1)
key recovery 164 (1)
key ring 165 (1)
key rollover 165 (1)
key search attack 165 (1)
keyspace 165 (1)
keystroke logger 166 (1)
klaxon 166 (1)
Klez 166 (1)
Knark 167 (1)
known plaintext attack 167 (1)
KryptoKnight 167 (2)
L
L0phtCrack 169 (1)
L2TP 169 (1)
LaGrande Technology (LT) 169 (1)
LAND attack 169 (1)
LAN Manager authentication 170 (1)
LANMAN authentication 170 (1)
Layer 2 Tunneling Protocol (L2TP) 171 (1)
LEAP 171 (1)
least privilege 171 (1)
LFM 172 (1)
Liberty Alliance Project 172 (1)
Lightweight Extensible Authentication 172 (2)
Protocol (LEAP)
Linsniff 174 (1)
listening port 174 (1)
LM authentication 174 (1)
local attack 175 (1)
local exploit 175 (1)
locally unique identifier (LUID) 175 (1)
local registration authority (LRA) 175 (1)
Local Security Authority (LSA) 176 (1)
local security policy 176 (1)
locking down 176 (1)
log analysis software 176 (1)
log cleaning 176 (1)
log file monitor (LFM) 177 (1)
logic bomb 177 (1)
Loginlog 177 (1)
logon 177 (1)
logon identifier 178 (1)
logon session 178 (1)
logon SID 178 (1)
Loki 178 (1)
LoveLetter 179 (1)
LRA 179 (1)
LSA 179 (1)
Lsadump2 179 (1)
LSA Secrets 179 (1)
Lsof 180 (1)
LT 180 (1)
LUCIFER 180 (1)
LUID 180 (1)
Luring attack 180 (1)
M
MAC 181 (1)
MAC duplication 181 (1)
MAC flooding 181 (1)
MAC spoofing 181 (1)
macro virus 182 (1)
Mafia Boy 182 (1)
mail bombing 182 (1)
mail relaying 183 (1)
malformed packet attack 183 (1)
malformed URL attack 184 (1)
malicious code 184 (1)
malware 184 (1)
managed security service provider (MSSP) 185 (1)
mandatory access control (MAC) 185 (1)
man-in-the-middle (MITM) attack 186 (1)
master key 187 (1)
MBSA 188 (1)
MCSA: Security 188 (1)
MCSE: Security 188 (1)
MD2 188 (1)
MD4 188 (1)
MD5 188 (1)
meet-in-the-middle attack 188 (1)
Melissa 189 (1)
message 189 (1)
message authentication code (MAC) 190 (1)
message digest (MD) 191 (1)
message digest 2 (MD2) 191 (1)
message digest 4 (MD4) 191 (1)
message digest 5 (MD5) 192 (1)
message integrity code (MIC) 192 (1)
MIC 192 (1)
Microsoft Baseline Security Analyzer (MBSA) 192 (1)
Microsoft Certified Systems Administrator 193 (1)
(MCSA): Security
Microsoft Certified Systems Engineer 193 (1)
(MCSE): Security
Microsoft Challenge Handshake 194 (1)
Authentication Protocol (MS-CHAP)
Microsoft Personal Security Analyzer (MPSA) 195 (1)
Microsoft Security & Privacy 195 (1)
Microsoft Security Notification Service 195 (1)
Microsoft Security Response Center (MSRC) 196 (1)
Microsoft Security Toolkit 196 (1)
Microsoft Security Update 197 (1)
Microsoft Strategic Technology Protection 197 (1)
Program (STPP)
Microsoft TechNet Security 197 (1)
MITM 198 (1)
Morris worm 198 (1)
MPSA 198 (1)
MS-CHAP 199 (1)
MSRC 199 (1)
MSSP 199 (1)
Mstream 199 (1)
mutual authentication 199 (2)
N
NAT 201 (1)
National Computer Security Center (NCSC) 201 (1)
National Fraud Information Center (NFIC) 201 (1)
National Information Assurance 202 (1)
Certification and Accreditation Process
(NIACAP)
National Information Assurance Partnership 203 (1)
(NIAP)
National INFOSEC Education & Training 203 (1)
Program (NIETP)
National Infrastructure Protection Center 203 (1)
(NIPC)
National Institute of Standards and 204 (1)
Technology (NIST)
National Security Agency (NSA) 204 (1)
National Strategy to Secure Cyberspace 205 (1)
National Telecommunications and Information 206 (1)
Administration (NTIA)
Nbtscan 206 (1)
Nbtstat 206 (1)
NCSC 206 (1)
Nessus 206 (1)
Netbus 207 (1)
Netcat 207 (1)
.NET Passport 208 (1)
Netstat 208 (1)
network address translation (NAT) 209 (1)
network-based intrusion detection system 210 (1)
(NIDS)
network-based security 210 (1)
network logon 210 (1)
network mapper 211 (1)
network monitor 211 (1)
network monitoring 211 (1)
network Security Hotfix Checker 212 (1)
Newtear 212 (1)
Next-Generation Secure Computing Base for 212 (1)
Windows
NFIC 213 (1)
Ngrep 213 (1)
NIACAP 213 (1)
NIAP 214 (1)
NIDS 214 (1)
NIETP 214 (1)
Nimda 214 (1)
NIPC 215 (1)
NIST 215 (1)
Nmap 215 (1)
nonce 215 (1)
nonrepudiation 216 (1)
notice 216 (1)
Npasswd 216 (1)
NSA 217 (1)
Nslookup 217 (1)
NTBugtraq 217 (1)
NTFS 217 (1)
NTIA 218 (1)
NTLM 218 (1)
Ntrights 219 (1)
null session attack 219 (2)
O
OAKLEY 221 (1)
obscurity 221 (1)
OCSP 221 (1)
OCTAVE 222 (1)
OFB 222 (1)
one-time pad (OTP) 222 (1)
one-time password (OTP) 222 (1)
one-way authentication 222 (1)
one-way encryption algorithm 223 (1)
one-way function 223 (1)
Onion Routing 223 (1)
Online Certificate Status Protocol (OCSP) 224 (1)
Online Personal Privacy Protection Act 224 (1)
onward transfer 225 (1)
OpenHack 225 (1)
open mail relay 225 (1)
OpenPGP 226 (1)
OpenSSH 226 (1)
OpenSSL 226 (1)
open system 226 (1)
Orange Book 227 (1)
opt in 227 (1)
opt out 227 (1)
OTP 227 (1)
Outlook E-mail Security Update 227 (1)
out-of-band management 228 (1)
output feedback mode (OFB) 228 (1)
overt channel 229 (2)
P
P3P 231 (1)
packet filtering 231 (2)
packet modification 233 (1)
packet replay 233 (1)
packet sniffer 233 (1)
padding 233 (1)
Palladium 233 (1)
PAM 234 (1)
PAP 234 (1)
parking lot attack 234 (1)
Passfilt.dll 234 (1)
passive attack 234 (1)
passphrase 234 (1)
Passport 235 (1)
Passprop 235 (1)
password 235 (1)
Password Authentication Protocol (PAP) 236 (1)
password-based encryption (PBE) 236 (1)
password cracking 237 (1)
password grinding 238 (1)
password hash 238 (1)
password policy 238 (1)
password recovery 238 (1)
password shadowing 239 (1)
patch 239 (1)
PBE 239 (1)
PCBC 239 (1)
PCT 239 (1)
PEAP 240 (1)
Peekabooty Project 240 (1)
PEM 241 (1)
penetration testing 241 (1)
perfect forward secrecy (PFS) 241 (1)
perimeter network 242 (1)
permissions 242 (1)
personal data 242 (1)
personal identification device (PID) 242 (1)
personal identification number (PIN) 243 (1)
personal information 243 (1)
personally identifiable information (PII) 243 (1)
PFS 243 (1)
PGP 243 (1)
phishing 243 (1)
Phrack 244 (1)
phreaking 244 (1)
physical security 244 (1)
PIC 245 (1)
PID 245 (1)
PII 245 (1)
pilfering 245 (1)
PIN 245 (1)
ping 246 (1)
ping flood 246 (1)
ping of death 246 (1)
ping sweep 246 (1)
PKCS 247 (1)
PKCS #7 247 (1)
PKI 247 (1)
PKINIT 247 (1)
PKIX 247 (1)
plaintext 248 (1)
plaintext cipher block chaining (PCBC) 248 (1)
Platform for Privacy Preferences (P3P) 248 (1)
playback 248 (1)
pluggable authentication module (PAM) 248 (1)
Point-to-Point Tunneling Protocol (PPTP) 249 (1)
port flooding 249 (1)
port forwarding 249 (1)
port numbers 250 (1)
port redirection 251 (1)
port scanning 251 (1)
PPTP 252 (1)
Pre-IKE Credential (PIC) 252 (1)
Pretty Good Privacy (PGP) 253 (1)
principal 253 (1)
privacy 254 (1)
Privacy Enhanced Mail (PEM) 254 (1)
privacy policy 254 (1)
privacy statement 255 (1)
Private Communication Technology (PCT) 255 (1)
private key 255 (1)
private key encryption 255 (1)
privilege escalation 255 (1)
privileges 255 (1)
PRNG 256 (1)
process table attack 256 (1)
promiscuous mode 256 (1)
Protected Extensible Authentication 256 (1)
Protocol (PEAP)
protocol analyzer 256 (1)
pseudorandom number generator (PRNG) 257 (1)
public key 257 (1)
public key cryptography 258 (1)
public key cryptography standards (PKCS) 259 (1)
public key encryption 259 (1)
Public Key Infrastructure (PKI) 259 (1)
Public-Key Infrastructure (X.509) (PKIX) 260 (1)
Publius Project 260 (1)
Pulist 261 (1)
Pwdump 261 (1)
PWL file 261 (2)
Q
Qchain 263 (1)
QFE 263 (1)
Qfecheck 263 (1)
Queso 263 (1)
Quick Fix Engineering (QFE) 264 (1)
R
RA 265 (1)
race condition 265 (1)
RADIUS 265 (1)
RAM slack 265 (1)
RAT 266 (1)
RBAC 266 (1)
RC2 266 (1)
RC4 266 (1)
RC5 266 (1)
RC6 266 (1)
realm 267 (1)
recognizable plaintext attack 267 (1)
reconnaissance 267 (1)
recovery agent 267 (1)
Recovery Console 268 (1)
reflection attack 268 (1)
Regdmp 269 (1)
registration authority (RA) 269 (1)
regression testing 270 (1)
remote administration tool (RAT) 270 (1)
Remote Authentication Dial-In User Service 270 (1)
(RADIUS)
replay attack 271 (1)
repudiation 271 (1)
resource exhaustion attack 271 (1)
restrictive shell 272 (1)
reverse Telnet 272 (1)
reversible encryption 272 (1)
Rexec 273 (1)
.rhosts 273 (1)
rights 273 (4)
Rijndael 277 (1)
Rinetd 278 (1)
RIP spoofing 278 (1)
risk assessment 278 (1)
Rivest-Shamir-Adleman (RSA) 279 (1)
Rlogin 280 (1)
Rnmap 280 (1)
role-based access control (RBAC) 281 (1)
role-based authorization 281 (1)
role-based security 281 (1)
rollup 282 (1)
root 282 (1)
root CA 282 (1)
root certificate 282 (2)
rootkit 284 (1)
root rollover 285 (1)
route verification 285 (1)
Rpcdump 285 (1)
RSA 286 (1)
Rsh 286 (1)
rule 287 (1)
Runas 287 (1)
Rwho 288 (1)
S
SACL 289 (1)
sacrificial lamb 289 (1)
Sadmind 289 (1)
Safe Harbor Agreement 290 (1)
Safe Harbor Principles 290 (1)
SAINT 291 (1)
salt 291 (1)
SAM 291 (1)
SAML 291 (1)
Sam Spade 291 (1)
sandbox 291 (1)
Sandwich Test 292 (1)
sanitized name 292 (1)
SANS Institute 292 (1)
SARA 293 (1)
SAS 293 (1)
SATAN 293 (1)
scanning 293 (1)
screened subnet 293 (1)
screening router 294 (1)
script kiddie 294 (1)
Sechole 294 (1)
secondary data uses 294 (1)
secondary logon 295 (1)
secret key 295 (1)
secret key encryption 295 (1)
secure attention sequence (SAS) 295 (1)
Secure Electronic Transaction (SET) 296 (1)
secure Hash Algorithm-1 (SHA-1) 296 (1)
Secure Hash Standard (SHS) 297 (1)
Secure Hypertext Transfer Protocol (S-HTTP) 297 (1)
Secure/Multipurpose Internet Mail 297 (1)
Extensions (S/MIME)
Secure Shell (SSH) 298 (1)
Secure Sockets Layer (SSL) 298 (1)
Secure Windows Initiative (SWI) 299 (1)
Security+ 300 (1)
Security Accounts Manager (SAM) 300 (1)
Security Administrator's Integrated Network 301 (1)
Tool (SAINT)
Security Assertion Markup Language (SAML) 301 (1)
Security Auditor's Research Assistant (SARA) 301 (1)
Security Configuration and Analysis 302 (1)
security context 302 (1)
security descriptor 302 (1)
security identifier (SID) 303 (3)
security log 306 (1)
security policy 306 (1)
security principal 307 (1)
security rollup package 307 (1)
security support provider interface (SSPI) 307 (1)
security template 308 (1)
security zone 308 (1)
SendIP 309 (1)
sensitive data 310 (1)
SERPENT 310 (1)
server certificate 310 (1)
server-gated cryptography (SGC) 311 (1)
service account 311 (1)
service pack (SP) 311 (1)
Service Release (SR) 312 (1)
session hijacking 312 (1)
session key 312 (1)
SET 313 (1)
SGC 313 (1)
SHA-1 313 (1)
SHA-2 313 (1)
shadow password file 313 (1)
shared secret 313 (1)
share-level security 313 (1)
Shiva PAP (SPAP) 314 (1)
ShowAcls 314 (1)
ShowPriv 314 (1)
SHS 314 (1)
S-HTTP 314 (1)
Sid2user 314 (1)
SIIA 315 (1)
single sign-on (SSO) 315 (1)
Sircam 315 (1)
site certificate 316 (1)
Six/Four 316 (1)
S/Key 316 (1)
Skipjack 317 (1)
Slammer 318 (1)
Slashdot Effect 318 (1)
smart card 318 (1)
SMBRelay 319 (1)
SMB signing 319 (1)
S/MIME 319 (1)
Smurf attack 319 (2)
sniffing 321 (1)
Snort 321 (1)
social engineering 321 (1)
SOCKS 322 (1)
Software & Information Industry Association 323 (1)
(SIIA)
software piracy 323 (1)
Software Update Services (SUS) 323 (1)
source routing 324 (1)
SP 324 (1)
spam 324 (1)
SPAP 325 (1)
Spar 325 (1)
special identities 326 (1)
spoofing 326 (1)
spyware 326 (1)
SR 327 (1)
SSCP 327 (1)
SSH 327 (1)
SSL 327 (1)
SSL accelerator 327 (1)
SSPI 327 (1)
Stacheldraht 327 (1)
stealth scanning 328 (1)
stream cipher 328 (1)
STPP 329 (1)
strong encryption 329 (1)
Su 329 (1)
subordinate CA 329 (1)
SubSeven 330 (1)
Sudo 330 (1)
SUID root 330 (1)
superuser 331 (1)
SUS 331 (1)
Swatch 331 (1)
SWI 331 (1)
symmetric key 331 (1)
symmetric key algorithm 331 (1)
symmetric key encryption 332 (1)
SYN flooding 332 (1)
SYN scan 333 (1)
Syskey 333 (1)
Syslog 334 (1)
system access control list (SACL) 334 (1)
System Administrator Tool for Analyzing 335 (1)
Networks (SATAN)
System Security Certified Practitioner 335 (2)
(SSCP)
T
TACACS 337 (1)
TACACS+ 337 (1)
TCPA 337 (1)
Tcpdump 337 (1)
Tcp_scan 337 (1)
TCP session hijacking 338 (1)
TCP SYN flooding 338 (1)
TCP three-way handshake 338 (1)
Tcp_wrapper 339 (1)
TCT 339 (1)
Teardrop attack 340 (1)
Temporal Key Integrity Protocol (TKIP) 340 (1)
Terminal Access Controller Access Control 340 (1)
System (TACACS)
TFN 341 (1)
The Coroner's Toolkit (TCT) 341 (1)
threat 341 (1)
ticket 341 (1)
TKIP 342 (1)
Tlist 342 (1)
TLS 342 (1)
Traceroute 342 (1)
Tracert 343 (1)
Transport Layer Security (TLS) 343 (1)
trapdoor 343 (1)
Trash2 344 (1)
Tribal Flood Network (TFN) 344 (1)
Tribal Flood Network 2000 (TFN2K) 344 (1)
Trin00 345 (1)
Trinoo 346 (1)
Trinux 346 (1)
Triple-A 346 (1)
Triple DES 346 (1)
Tripwire 346 (1)
Trojan 347 (1)
Trojan horse 348 (1)
trust 348 (1)
Trustbridge 348 (1)
TRUSTe 349 (1)
Trusted Computer System Evaluation Criteria 349 (1)
(TCSEC)
Trusted Computing Platform Alliance (TCPA) 350 (1)
Trustworthy Computing 350 (1)
TSEnum 351 (1)
tunneling 351 (1)
two-factor authentication 352 (1)
Twofish 352 (1)
U
UDP scanning 353 (1)
UDP tunneling 354 (1)
URLScan 354 (1)
User2sid 354 (1)
UserDump 355 (1)
user-level security 355 (2)
V
victim host 357 (1)
virtual private network (VPN) 357 (1)
virus 358 (1)
virus protection software 359 (1)
VLAD 360 (1)
VPN 361 (1)
vulnerability 361 (1)
vulnerability scanner 361 (2)
W
wardialing 363 (1)
wardriving 363 (1)
Wassenaar Arrangement 364 (1)
weak key 364 (1)
Web anonymizer 364 (1)
Web bug 364 (1)
web of trust 365 (1)
Web permissions 365 (1)
Web Services Security (WS-Security) 366 (1)
WEP 366 (1)
WFP 366 (1)
Whisker 366 (1)
white hat 367 (1)
Whois 367 (1)
Wi-Fi Protected Access 368 (1)
Windows File Protection (WFP) 368 (1)
Windows NT Challenge/Response 369 (1)
Windows Product Activation (WPA) 369 (1)
Windows Rights Management (WRM) 370 (1)
Windows Update 370 (2)
Winnuke 372 (1)
WinTrinoo 372 (1)
Winux 372 (1)
Wired Equivalent Privacy (WEP) 372 (1)
workaround 373 (1)
world-writable 373 (1)
worm 374 (1)
WPA 374 (1)
WRM 374 (1)
WS-Security 374 (1)
WWWhack 375 (2)
X
X.509 377 (1)
XACML 378 (1)
Xauth 379 (1)
Xhost 379 (1)
XKMS 379 (1)
XMAS scan 379 (1)
XMLDSIG 380 (1)
XMLENC 380 (1)
XML Encryption (XMLENC) 380 (1)
XML Key Management Specification (XKMS) 380 (1)
XML Signatures (XMLDSIG) 381 (1)
Xscan 381 (1)
Xterm 382 (1)
Y
Ypgrab 383 (2)
Z
Zap 385 (1)
zombie 385 (1)
Zombie Zapper 385 (1)
zone 386 (1)
Appendix I: Applying Key Principles of Security 387 (8)
Appendix II: Understanding Your Enemy 395 (10)
Appendix III: Threats and Risk Assessment 405 (10)
Index 415