[...]... towards the security community At the time when the authors started framing the book (May 2001), a significant number of books on the subject of digital hacking and security had already been published In an effort to make some “space” for this book, we reviewed many of them and came to the conclusion that there was room for a book that adopted an analytical perspective on hacking and security and attempted... Summary Future Directions Further Reading 11 Simple Mail Transfer Protocol (SMTP) The SMTP Protocol SMTP Protocol and Packet Constructs (Packet Data Hacking) SMTP Vulnerabilities SMTP Protocol Commands and Protocol Extensions Protocol Commands Protocol Extensions SMTP Exploits and SMTP Hacking SMTP Protocol Attacks Account Cracking Eavesdropping and Reconnaissance ESMTP and Command Set Vulnerabilities Protocol-Based... Authentication Institution of Spoof Protection at Firewalls and Access Control Devices Patch TCP/IP Implementations Deny Source Routing at Gateways and Firewalls Deny ICMP Redirects at Gateways and Firewalls Deter the Use of IP Addresses for Authentication or Construction of Trust Relationships Implement ARP Controls Monitor Network Traffic Using Network and Host-based IDS Restrict ICMP Traffic into and. .. Objects and Naming LDAP Queries LDAP Data Interchange Format (LDIF) LDAP Security Authentication Anonymous Access Simple Authentication Simple Authentication with Secure Sockets Layer (SSL)/Transport Layer Security (TLS) Simple Authentication and Security Layer (SASL) Access Control Summary Active Directory Windows NT Windows 2000 Schema Windows 2000 Partitions Windows 2000 Objects and Naming The Domain The. .. Wednesday, October 1, 2003 5:41 AM THE STRATEGY BEHIND BREAKING INTO AND DEFENDING NETWORKS GDB GID GINA GNOME GNU HIDS HKEY HMAC HQ HTTPS HUMINT ICQ IDS IKE IMDb IPO IPSec IRIX ISAKMP ISS IUSR KB KDE KSL LKM LM LT2P MIB MSDE MSDN MSRPC MUA MVS MX NASL NIDS NMAP NMS NTFS NTFS5 NTLM OU PCX GNU Project Debugger Group ID (Access Control Lists) Graphical Identification and Authentication (Dynamic Link Library,... Nonrepudiation Digital Signatures (and Digital Certificates) Privacy Virtual Private Network (VPN) Session and Protocol Encryption Secure Sockets Layer (SSL) Certificate and Impersonation Attacks (SSL) Cryptographic Weaknesses (SSL) Attacks against the Handshake Protocol (SSL) SSL Man-in -the- Middle Attacks Man-in -the- Middle Attack Version Rollback (SSL) Viruses, Worms, and other Application Issues (SSL) Secure... (background), (2) hacking, and (3) security sections; the intent of this approach is to inform the way in which administrators defend systems and networks by exploring hacking exploits and defenses in the same technical context • Chapters should be organized around specific technical and administrative components (e.g., specific services such as SMTP, HTTP, DNS, directory services and specific administrative... Windows 2000 Schema Windows 2000 Partitions Windows 2000 Objects and Naming The Domain The Tree The Forest The Forest Root Domain Naming Standards and Resolution in Windows 2000 Active Directory Back-End Processes The Directory Information Base (DIB) Replication The Global Catalog Windows 2000 Security Authentication © 2004 by CRC Press LLC AU0888_C00.fm Page xxiv Wednesday, October 1, 2003 5:41 AM... “Hijacking” Client Session/ID Theft Cryptographic (Key-Based) Authentication Key Transfer and Key Management Vulnerabilities Key Transfer Vulnerabilities Key Management Vulnerabilities (Public Key Infrastructure) Key Binding and Impersonation Vulnerabilities Dictionary and Brute-Force Attacks against Weak Secrets Centralized Authentication Servers RADIUS TACACS Kerberos Human Authentication (Biometrics)... Overview Consolidation (OS and Network Facilities) Account and Privilege Management Facilities Account Cracking SMBCapture Active Directory Privilege Reconnaissance and Hacking Built-In/Default Accounts, Groups, and Associated Privileges Finger Service Reconnaissance Kerberos Hacking and Account Appropriation Keystroke Logging LDAP Hacking and LDAP Reconnaissance Polling the Account Database Social . w0 h0" alt="" The Hacker’s Handbook The Strategy behind Breaking into and Defending Networks © 2004 by CRC Press LLC The ABCs of IP Addressing Gilbert Held ISBN: 0-8493-1144-6 The ABCs of LDAP Reinhard. (Susan Elizabeth), 1968– The hacker’s handbook : the strategy behind breaking into and defending Networks / Susan Young, Dave Aitel. p. cm. Includes bibliographical references and index. ISBN 0-8493-0888-7. to seeing The Hacker’s Handbook through to its conclusion. The authors would like to thank the following individuals for their con- tributions and support: • Rich O’Hanley and the production