Ethical Hacker Community Forums

Ethical Hacking Discussions and Related Certifications => CEH - Official Course Modules v5 => Topic started by: don on November 15, 2006, 11:39:14 AM


Title: CEH v5 Module 11: Hacking Web Servers
Post by: don on November 15, 2006, 11:39:14 AM
 How Web Servers Work
 How are Web Servers Compromised?
 How are Web Servers Defaced?
 Apache Vulnerability
 Attacks Against IIS
    o IIS Components
    o IIS Directory Traversal (Unicode) Attack
 Unicode
    o Unicode Directory Traversal Vulnerability
 Hacking Tool: IISxploit.exe
 Msw3prt IPP Vulnerability
 WebDAV / ntdll.dll Vulnerability
 RPC DCOM Vulnerability
 ASN Exploits
 ASP Trojan (cmd.asp)
 IIS Logs
 Network Tool: Log Analyzer
 Hacking Tool: CleanIISLog
 Unspecified Executable Path Vulnerability
 Metasploit Framework
 Immunity CANVAS Professional
 Core Impact
 Hotfixes and Patches
 What is Patch Management?
 Solution: UpdateExpert
 Patch Management Tool
    o Qfecheck
    o HFNetChk
 cacls.exe Utility
 Vulnerability Scanners
 Online Vulnerability Search Engine
 Network Tools
    o Whisker
    o N-Stealth HTTP Vulnerability Scanner
 Hacking Tool: WebInspect
 Network Tool: Shadow Security Scanner
 SecureIIS
 Countermeasures
 File System Traversal Countermeasures
 Increasing Web Server Security
 Web Server Protection Checklist

Source:
http://www.eccouncil.org/EC-Council%20Education/ceh-course-outline.htm

Don


Powered by SMF 1.1.7 | SMF © 2006-2007, Simple Machines LLC
Joomla Bridge by JoomlaHacks.com