Windows IE 5.01 5.5 6.0
Cumulative patch
CAN-2003-0838, CAN-2003-0809, CAN-2003-0530, CAN-2003-0531, CAN-2003-0113, CAN-2003-0114, CAN-2003-0115, CAN-2003-0116
3578, 8556, 8565
less than or equal to 7
Autologon
SQLXML
CVE-2002-0186, CVE-2002-0187, CAN-2002-0186, CAN-2002-0187
5004, 5005
may leave passwords on system
permissions of Schedule
CAN-1999-0589
XP Shell Could Enable System Compromise (329390)
CAN-2002-1327
Privilege Escalation patch
permissions of the RAS key
automatically
CAN-2003-0664, CAN-1999-0354
8533
may leave passwords on system
CAN-2002-0643
Windows DBTools DBManager
Information Disclosure
7040
writeable by non-admins
Password
ListBox and in the ComboBox (824141)
CAN-2003-0659
Buffer Overflow
index server
CVE-2001-0244, CVE-2001-0245
2709
vulnerability
Transfer Service is running
verification
Service Pack version
CAN-1999-0662
remote version of Flash-Player
7005
Engine (Q814078)
Service Pack version
CAN-1999-0662
browse listing
Windows Service Control Manager
Named Pipe Impersonation patch
Service Pack version
CAN-1999-0662 7930, 8090, 8128, 8154
Vulnerabilities patch
1743
Installed
kernel overflow Patch (Q311967)
domain controller
running
CAN-1999-0630
CAN-1999-0520
8026
registry
enumerate local users
CPU Resources (Q320436)
CAN-2002-0368
infected by msblast.exe
for snmp buffer overruns
CAN-2002-0053
Windows Flaw in Microsoft VM
Could Allow Code Execution (810030)
CAN-2002-1257, CAN-2002-1258, CAN-2002-1183, CAN-2002-0862
could allow sniffing and DOS(Q324380)
Brute Force
winreg
endpoint mapper
permissions of keys that can change common paths
CAN-1999-0589
Malformed HTML form tag DoS
7402
Decompression Functions (Q329048)
CAN-2002-0370, CAN-2002-1139
Info Query
Windows : User management | Local users information : Never changed password
Windows : User management | Users in the ‘Backup Operator’ group
Windows : User management | Obtains the lists of users groups
Windows : User management | Users information : automatically disabled accounts
Windows : User management | Local users information : automatically disabled accounts
Windows : User management | Guest belongs to a group
Windows : User management | Local users information : User has never logged on
Windows : User management | Users information : Passwords never expires
Windows : User management | Local users information : disabled accounts
Windows : User management | Obtains local user information
Windows : User management | Users in the Admin group
Windows : User management | Users in the ‘Replicator’ group
Windows : User management | Local users information : Can’t change password
Windows : User management | Users in the ‘Print Operator’ group
Windows : User management | Users information : disabled accounts
Windows : User management | Users in the ‘System Operator’ group
Windows : User management | Users information : Can’t change password
Windows : User management | Local users information : Passwords never expires
Windows : User management | Users in the Domain Admin group
Windows : User management | Users information : User has never logged in
Windows : User management | Obtains the lists of users aliases
Windows : User management | Obtains user information
Windows : User management | Users information : Never changed password
Windows : User management | Users in the ‘Account Operator’ group
Web Sites
ACID: http://acidlab.sourceforge.net
AirSnort: http://airsnort.shmoo.com
Bastille Linux: www.bastille-linux.org
CERT: www.cert.org
Ethereal: www.ethereal.com
FBI: www.fbi.gov
Foundstone: www.foundstone.com
FreeS/WAN: www.freeswan.org
GNU Project: www.gnu.org
GPG: www.gnupg.org
John the Ripper: www.openwall.com/john
Iptables: www.netfilter.org
Kismet Wireless: www.kismetwireless.net
lsof: http://freshmeat.net/projects/lsof
NCC: www.netsecuritysvcs.com/ncc
Nessus: www.nessus.org
NessusWX: nessuswx.nessus.org
NetStumbler: www.netstumbler.com
Nlog: www.secureaustin.com/nlog
Open Source Windows Forensics Tools: www.opensourceforensics.org/tools/windows.html
OpenSSH: www.openssh.org
PGP: www.pgp.com
PuTTY: www.chiark.greenend.org.uk/~sgtatham/putty
Sam Spade for Windows: www.samspade.org/ssw
Sleuth Kit: www.sleuthkit.org
SmoothWall Express: www.smoothwall.org
Snort: www.snort.org
Snort Webmin Module: http://msbnetworks.net/snort
SourceForge: www.sourceforge.net
StumbVerter: www.sonar-security.com
Swatch: swatch.sourceforge.net
Tcpdump, Windump: www.tcpdump.org
Tripwire: www.tripwire.org
Turtle Firewall: www.turtlefirewall.com
Books and Articles
Caswell, Brian, Jay Beale, James C. Foster, and Jeffrey Posluns. 2003. Snort 2.0 Intrusion Detection. Rockland, MA: Syngress.
Cisco Internetwork Basics: www.idevelopment.info/data/Networking/Networking_Basics/BASICS_Understanding_OSI_Model.shtml
Drummond, Richard. 1993. Data Communications for the Office. New York: Bantam Professional Books.
EMACS quick reference: http://seamons.com/emacs/
Hafner, Katie, and John Markoff. 1991. Cyberpunk: Outlaws and Hackers on the Computer Frontier. New York: Simon and Schuster.
Introduction to Cryptography, Network Associates: www.pgpi.org/doc/pgpintro/
Krutz, Ronald L., and Russell Dean Vines. 2001. The CISSP Prep Guide. New York: John Wiley & Sons.
Lammle, Todd. 2003. CCNA Cisco Certified Network Associate Study Guide, Fourth Edition. Location: San Francisco: Sybex.
Levy, Steven. 2002. Crypto: How the Code Rebels Beat the Government Saving Privacy in the Digital Age. New York: Penguin Putnam Inc.
The OSI Model: www.wdsd.org/strut/OSI/osimodel.html
Scambray, Joel, Stuart McClure, and George Kurtz. 2001. Hacking Exposed, Second Edition. New York: McGraw Hill.
Schneier, Bruce. 1995. Applied Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition. Hoboken, NJ: John Wiley & Sons.
Schultz, E. Eugene. 2000. Windows NT/2000 Network Security. New York: MacMillan Technical Publishing.
Singh, Simon. 2000. The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography. London: Anchor Books.
Smith, Richard E. 2001. Authentication: From Passwords to Public Keys. Boston: Addison-Wesley.
Stanger, James, Patrick T. Lane, and Edgar Danielyan. 2001. Hackproofing Linux. Rockland, MA: Syngress.
Torvalds, Linus, and David Diamond. 2002. Just for Fun: The Story of an Accidental Revolutionary. New York: HarperBusiness.