INDEX
A
A record type, 96
AAAA record type, 96
access attacks
  backdoors and trojans, 327–331
  malware, 325–327
  questions, 346–349
  references, 349–351
  review, 346
  rootkits. See rootkits
  vulnerabilities, 285
access lists in IP address spoofing, 243
access requirements in incident response, 28
account information
  harvesting, 290–296
  Linux investigations, 57–59
  Windows investigations, 40–43
ACK flag
  flood attacks, 269
  nmap scans, 136
  TCP, 128–129
ack mode in Covert_TCP, 370
ack.rb script, 175
active traffic sniffing, 245–246
  ARP cache poisoning, 247–250
  defending against, 258–259
  DNS poisoning, 250–252
  MAC flooding, 246–247
  SSL stripping, 256–258
  SSL/TLS and SSH attacks, 252–256
  switch port stealing, 250
adapters for incident handling, 30
Address ...
Get GCIH GIAC Certified Incident Handler All-in-One Exam Guide now with the O’Reilly learning platform.