Attack through the Internet

Table of contents

Chapter 1. Introduction
1.1 Main concepts of computer security
1.2 Network security characteristics
1.3 Hackers vs. crackers
1.4 Main hackers’ targets
1.5 Network security: myths and reality
1.5.1 Hackers' power
1.5.2 Is your money secure?
1.5.3 Firewall as "absolute" network protection
1.6 Y2K and security issues

Chapter 2. Social engineering attacks
2.1 Social engineering: introduction
2.2 Social engineering attacks classification
2.3 Social engineering and human psychology
2.4 Computer systems intrusion examples
2.5 Social engineering over the Internet
2.5.1. IRC
2.5.2. E-MAIL
2.5.3. ICQ
2.6 How to protect yourself from social engineering attacks
2.6.1. Intrusion tests
2.6.2. User awareness

Chapter 3. Remote attacks in distributed computer systems
3.1 Remote attacks classification
3.2 Standard remote attack concept and mathematical model
3.2 Characteristics and realization mechanisms of standard remote attacks
3.2.1 Network traffic analysis
3.2.2 Trusted distributed object or subject substitution
3.2.3 Fake object of distributed computer system
3.2.4 Denial of service

Chapter 4. Remote attacks on Internet hosts
4.1 Internet traffic analysis
4.2 Fake ARP-server (ARP spoofing)
4.3 Fake DNS-server (DNS spoofing)
4.4 Forcing fake route to host using ICMP protocol (ICMP spoofing)
4.5 IP spoofing and TCP hijacking
4.5.1 TCP sequence number prediction by extrapolation of previous values
4.5.2 Using the lack of TCP-connection identification to attack rsh-server
4.6 TCP SYN flood or request buffer overflow
4.6.1 Windows NT under TCP SYN flood
4.7 Mythical Internet remote attacks
4.7.1 IP-fragmentation as firewall penetration
4.7.2 "Ping of Death"
4.8 Known operating system bugs
4.8.1 Land
4.8.2 Teardrop
4.8.3 Smurf
4.8.4 Out of band (OOB)

Chapter 5. Methods of port scanning
5.1 “Known source” methods of port scanning
5.1.1 TCP SYN scanning
5.1.2 TCP FIN scanning
5.1.3 IP fragmentation scanning
5.1.4 TAP IDENT scanning
5.2. Anonymous methods of port scanning
5.2.1. FTP bounce attack
5.2.2 “Dumb” host scanning
5.2.3. “Proxy” scanning

Chapter 6. Remote attacks success causes
6.1 Remote attacks success causes in the distributed computer systems
6.2 Remote attacks success causes in the Internet

Chapter 7. Secure distributed computer systems
7.1 Leased line between distributed objects
7.2 Virtual channel as additional identification and authentication tool for distributed objects
7.3 Message route checking and control
7.4 Virtual connection checking and control
7.5 Design of distributed computer system with fully pre-determined object information to eliminate remote search

Chapter 8. How to protect yourself from remote Internet attacks
8.1 Administrative protection
8.2 Software and hardware protection tools and methods

Chapter 9. Remote attacks on operating systems
9.1 Introduction
9.2 Standard attacks scenarios classification in UNIX
9.3 The beginning (before the Worm)
9.4 Buffer overflow technology
9.5 The Worm
9.5.1. Strategies the Worm uses
9.6 After the Worm
9.6.1. Trying a password
9.6.2. Typical attacks
9.6.3. Trusted attacks
9.7 Present-day situation
9.7.1. telnetd daemon error
9.7.2. sendmail error
9.7.3. wu-ftpd vulnerabilities
9.7.4 innd vulnerabilities
9.8 UNIX vulnerabilities existence causes
9.9 Windows NT
9.9.1. Windows NT: classification of vulnerabilities causes
9.9.2 System services buffer overflow
9.9.3 Getting administration rights
9.9.4. Resource sharing and anonymous user
9.9.5. SMB in the Internet
9.9.6. Identification and authentication procedures
9.10 How to protect your host?
9.11 Software tools of security checking
9.11.1 SATAN
9.11.2 SAFESuite family

Chapter 10. Attacks through WWW
10.1 Attack on WWW-clients
10.1.1 Browser security
10.1.2 Java applets security
10.1.3. Other client applications security
10.1.4. Viruses and Trojans
10.2 Attack on Web-server
10.3 CGI scripts security
10.3.1 CGI Introduction
10.3.2 Known CGI-errors
10.3.3. Known CGI-scripts errors
10.3.4. Creating secure CGI-scripts
10.4 Using server-based applications to attack the WWW-clients
10.4.1 Cookies security
10.4.2. Identification problems