CEH

(Jeff_L) #1



unsafe site warnings, 248
UPDATE statement in SQL injection, 340
updates in social networking, 248
upload bombing, 319
URG flag, 385
URIs (uniform resource identifiers), 312
URLs
  companies, 89
  directory traversal attacks, 321
  web apps, 288
U.S. Army, attack on, 331
U.S. Code of Fair Information Practices, 19
U.S. Communications Assistance for Law Enforcement Act, 19
U.S. Computer Fraud and Abuse Act, 19
U.S. Department of Energy, attack on, 331
U.S. Electronic Communications Privacy Act, 19
U.S. Kennedy-Kassebaum Health Insurance and Portability Accountability Act, 19
U.S. Medical Computer Crime Act, 19
U.S. Missile Defense Agency, attack on, 331
U.S. National Information Infrastructure Protection Act, 19
U.S. Privacy Act, 19
USB drives, 164, 398
USB wireless cards, 365
user groups, 130
usernames
  importance, 154
  stealing, 5
users in Windows, 130–131

V
validation
  certificates, 66
  input, 317
vandalizing web servers, 316
version information in SQL injection, 338
vertical privilege escalation, 168–169
viruses, 184
  creating, 189
  description, 183
  detecting, 196–198, 198
  kinds, 186–188
  life and times, 184–186
  researching, 189
  Windows protection software, 47
voice recognition, 407
VRFY command, 143–144
vulnerabilities, 45
  pen testing, 10
  research and tools, 18
  scanning for, 106, 119
  web servers and applications, 312–316
vulnerable software in web applications, 321

W
Wabbit virus, 185
WAITFOR command, 341
WAITFOR DELAY command, 341
walls, 407
warballooning, 361
warchalking, 361
warded locks, 404
wardialing, 106–108
wardriving, 108, 360–361
warflying, 361
warning banners, 396–397
warwalking, 361
WaveStumbler tool, 361
Wayback Machine, 89
weak ciphers in web applications, 320
web browsers
  proxies, 121–122
  social networking, 247
  spyware infection, 192
Web Server component in web applications, 313
webcams, 91
webservers and web applications, 309–310
  client-server relationships, 310–316
  components, 311–313
  cross-site scripting, 317–318
  directory traversal attacks, 321–322
  DoS targets, 262
  encryption weaknesses, 320–321
  exam essentials, 323
