issuhub.com

CEH

(Jeff_L) #1

444 Counter Mode with Cipher Block Chaining Message – denial-of-service (DoS)


Counter Mode with Cipher Block Chaining

Message Authentication Code Protocol

(CCMP), 355–356

countermeasures

directory traversal attacks, 322

network scans, 118

social networking, 245–246

SQL injection, 343–344

covering tracks, 16, 170 –172

covert channels, 180, 195, 203–205

crackers, 169

cracking

passwords, 154–156, 165

backdoors, 202

database servers, 336

web applications, 318 –319

W PA , 359

Craigslist.com site, 93

CRC32 (Cyclic Redundancy Check), 357

Creator Group, 131

Creator Owner group, 131

Creeper project, 184

cross-site scripting (XSS)

man-in-the-browser attacks, 290–291

web applications, 317–318

crying wolf, 384

cryptanalysis, 57

cryptography, 55–57

evolution, 58–59

exam essentials, 75

examples, 59– 60

hashing, 68– 69

history, 57–58

IPSec, 71–73

issues, 69–71

PG P, 73 –74

public key, 62–67

review questions, 76 –79

SSL, 74

summary, 75

symmetric, 61– 62

cryptoviruses, 188

current user context in Windows, 131

cybercrime examples, 5–6

Cyclic Redundancy Check

(CRC32), 357

D

daisy chaining in pen testing, 10

DameWare utilities, 170

data access component in web

applications, 313

data alteration, 6

CIA triad, 14

SQL injection, 339–341

Data Definition Language (DDL) injection, 199

data-diddling, 6

Data Encryption Standard (DES), 61

data hiding, 171

data layer in web applications, 312

data link layer, 32

data sending Trojans, 196

data store component in web applications, 313

database vulnerabilities from SQL injection,

334 –336

DDL (Data Definition Language) injection, 199

DDoS (distributed denial-of-service)

attacks, 6

overview, 271–273, 272

tools, 273–275, 274–276

web applications, 315

de Wit, Jan, 4

deauthentication attacks, 359

default passwords, 130, 163

Default Response Rule Authentication

Method screen, 72

default scripts in web applications, 319

defense in depth, 408–409

defensive strategies for DoS attacks, 276 –277

degaussing, 400, 400

degraded services, 277

demilitarized zones (DMZs), 381

denial-of-service (DoS) attacks, 6, 259–260

buffer overflows, 267–271, 268–269

DDoS, 271–273, 272

defensive strategies, 276 –277

exam essentials, 278

vs. IDS, 383–384

overview, 260–262

pen testing considerations, 277

review questions, 279–282

summary, 277–278

bindex.indd 444 22-07-2014 11:00:55

Free download pdf
Get our desktop app
Company
Features
Documentation
Resources
© ISSUHUB. 2025. All rights reserved.