Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Index: D

• daemons, tools for: Daemons
• data: Your Data
• • DNS: DNS Data
  • • mismatched: Mismatched data between the hostname and IP address DNS trees
  • protecting: Integrity Protection
  • • from sniffers: Packet Sniffing
  • theft of: Information theft
  • • Spies (industrial and otherwise)
  • transferring: File Transfer, File Sharing, and Printing
  • • What Does a Packet Look Like?
    • Packet Filtering
    • allowing/disallowing: Basic Packet Filtering
    • evaluating protocols for: What Data Does the Protocol Transfer?
    • via TCP: TCP
• data-driven attacks: Data-Driven Attacks
• • protecting against: Protecting Services
• database protocols, connecting to web servers with: Using the database's protocols to connect to a perimeter web server
• database servers, locating: Locating Database Servers
• daytime service: Mostly Harmless Protocols
• DCC (Direct Client Connections): Internet Relay Chat (IRC)
• DCOM (Distributed Component Object Model): Distributed Component Object Model (DCOM)
• dcomcnfg program: Distributed Component Object Model (DCOM)
• debugging operating system: Fix All Known System Bugs
• dedicated proxy servers: Generic Versus Dedicated Proxies
• Deep Crack: Passwords
• default deny stance: Default Deny Stance: That Which Is Not Expressly Permitted Is Prohibited
• • Default Permit Versus Default Deny
• default permit stance: Default Permit Stance: That Which Is Not Expressly Prohibited Is Permitted
• • Default Permit Versus Default Deny
• defense in depth: Defense in Depth
• • Defense in depth
  • Defense in depth
• Demilitarized Zone (DMZ): Some Firewall Definitions
• denial of service attacks: Denial of service
• • Electronic Mail
  • Denial of Service
  • HTTP and: HTTP Server Security
  • ICMP and: ICMP and Network Diagnostics
  • JavaScript and: JavaScript
  • protecting against: Protecting Services
• DependOnGroup registry key: Registry keys
• DependOnService registry key: Registry keys
• DES (Data Encryption Standard) algorithm: Encryption Algorithms
• designing rewalls: Buying Versus Building
• destination unreachable codes (see ICMP)
• Dfs (Distributed File System): Distributed File System (Dfs)
• DHCP (Dynamic Host Configuration Protocol): Dynamic Host Configuration Protocol (DHCP)
• diagramming the system: Labeling and Diagramming Your System
• dictionary attacks: One-Time Password Software
• Diffie-Helman algorithm: Key Exchange
• digital signature: Digital Signatures
• • in ActiveX: ActiveX
  • in OpenPGP: S/MIME and OpenPGP
  • in S/MIME: S/MIME and OpenPGP
  • algorithms: Digital Signature Algorithms
• Direct Client Connections (DCC): Internet Relay Chat (IRC)
• Directory Replication (Windows): Windows Directory Replication
• disabling
• • routing (see routers, disabling)
  • services: Disabling Nonrequired Services
  • • on Unix: Disabling Services Under Unix
    • • Specific Unix Services to Disable
    • on Windows: How to Disable Services Under Windows
    • • Specific Windows Services to Disable
• discard service: Mostly Harmless Protocols
• disconnecting
• • from network: Disconnect or Shut Down, as Appropriate
  • • plan for: Planning for Disconnecting or Shutting Down Machines
  • machine: Planning for Disconnecting or Shutting Down Machines
  • • after incident: Disconnect or Shut Down, as Appropriate
• disk space (see memory resources)
• disks, needs for: What Hardware Configuration?
• DisplayName registry key: Registry keys
• Distributed Component Object Model (DCOM): Distributed Component Object Model (DCOM)
• Distributed File System (Dfs): Distributed File System (Dfs)
• diversity of defense systems: Diversity of Defense
• DMZ (Demilitarized Zone): Some Firewall Definitions
• DNS (Domain Name Service): Naming and Directory Services
• • Selecting Services Provided by a Bastion Host
  • Domain Name System (DNS)
  • on Windows: Specific Windows Services to Disable
  • clients: Internal DNS clients query the internal server
  • configuring: DNS
  • • to hide information: Setting Up DNS to Hide Information, with Subdomains
    • without hiding information: Setting Up DNS Without Hiding Information
    • in screened subnet architecture: DNS
  • data: DNS Data
  • fake server: Set up a "fake" DNS server on the bastion host for the outside world to use
  • hiding information with: Setting Up DNS to Hide Information, Without Subdomains
  • revealing information to attackers: Revealing too much information to attackers
  • server for internal hosts: Set up a real DNS server on an internal system for internal hosts to use
  • Windows 2002 and: Windows 2000 and DNS
• DNS Mail Exchange (MX): Configuring SMTP to Work with a Firewall
• documenting
• • plan for: Planning for Documentation
  • system after incident: Snapshot the System
  • • Planning for Snapshots
• domain controllers: NTLM Domains
• • communication among: Controller-to-Controller Communication
• domain master browser, on Microsoft networks: Domain master browser
• Domain Name Service (see DNS)
• domains, on Microsoft networks: Domains and Workgroups
• Domino server: Lotus Notes and Domino
• dot (.) files, disabling creation of: Disabling the creation of directories and certain files
• double-reverse lookups: Mismatched data between the hostname and IP address DNS trees
• • Set up a "fake" DNS server on the bastion host for the outside world to use
• DSA (Digital Signature Algorithm): Digital Signature Algorithms
• DSS (Digital Signature Standard) algorithm: Digital Signature Algorithms
• dual-homed hosts: Some Firewall Definitions
• • architecture of: Dual-Homed Host
  • as firewall: Turning Off Routing
  • nonrouting: Nonrouting Dual-Homed Hosts
  • proxy services (see proxy services)
• dumpel utility: Setting Up System Logs Under Windows
• dynamic packet filtering, FTP and: Packet Filtering Characteristics of FTP

Symbols | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z