CEH

Department of Energy (DoE), attack on, – 802.11i standard 445

targets, 262 tools, 273–275, 274–276 types, 262–266, 265–267 web applications, 315 W E P, 357 wireless networks, 363 Department of Energy (DoE), attack on, 331 DES (Data Encryption Standard), 61 design step in viruses, 185 destination hosts in firewalking, 382 destructive Trojans, 196 desynchronization connections, 293–294, 294 session hijacking, 286 detection IDSs. See intrusion detection systems (IDSs) social engineering, 237 Trojans and viruses, 185, 196–198, 198 DHTML (dynamic HTML), 311 diagrams, network, 119 –120, 120 dial-up, 106 –107 Dice.com site, 93 dictionary attacks, 155–156 differential backups, 49 Diffie, Whitfield, 62 digital certificates, 64–67 Direct Host service, 133 directional antennas, 353–354 directory services brute-force attacks, 130 enumeration, 141–142 directory traversal attacks, 321–322 DirecTV network dishes, 355 disabling auditing, 170 –171 unnecessary services, 276 disclosure in CIA triad, 14 Discoverable Bluetooth mode, 366 Dish network dishes, 355 disrupt attacks, 264 disruption in CIA triad, 14 distributed databases, 334 distributed denial-of-service (DDoS) attacks, 6 overview, 271–273, 272 tools, 273–275, 274–276 web applications, 315

distributed network attacks (DNAs), 162 distributing Trojans, 201–203 DMZs (demilitarized zones), 381 DNAs (distributed network attacks), 162 DoE (Department of Energy), attack on, 331 Domain Name System (DNS), 39 spoofing, 293 zone transfers, 130 doors and mantraps, 402–403 DoS attacks. See denial-of-service (DoS) attacks DoSHTTP tool, 273 drawing network diagrams, 119 –120, 120 drives encrypting, 399 mobile devices, 397– 400, 400 password theft, 164 wiping, 400 Dsniff tools, 213 dumpcap tool, 217 dumpster diving, 5, 97, 247 dynamic content in man-in-the-browser attacks, 290–291 dynamic HTML (DHTML), 311 dynamic ports, 37

E e-commerce, cryptography in, 58 EAP (Extensible Authentication Protocol), 356 eavesdropping, 97, 246 EC-Council (International Council of Electronic Commerce Consultants), 8 economic loss from social engineering, 239 EDGAR (Electronic Data-Gathering, Analysis, and Retrieval system), 94 editcap tool, 217 education social engineering, 237 social networking, 245–246 effectiveness of social engineering, 237–238 egress filtering, 276 Egyptian hieroglyphics, 57–58 802.11i standard, 356

bindex.indd 445 22-07-2014 11:00:55

CEH

Get our desktop app

Company

Features

Documentation

Resources