Network Security Assessment by Chris McNab The following errata were *corrected* in the 5/04 reprint: Here's a key to the markup: [page-number]: serious technical mistake {page-number}: minor technical mistake : important language/formatting problem (page-number): language change or minor formatting problem Preface, p.xiv http://www.nsa.gov/isso/iam/index.htm NOW READS: http://www.iatrp.com/ (14) http://www.microsoft.com/ntserver/nts/downloads/recommended/netkit/default.asp NOW READS: http://www.microsoft.com/ntserver/nts/downloads/recommended/ntkit/default.asp AND http://www.netxeyes.org/smbcrack.exe NOW READS: http://www.netxeyes.org/SMBCrack.exe {46}: "Using half-open SYN flags to probe a target is known as an inverted technique because ... " NOW READS:: "Using malformed TCP flags to probe a target is known as an inverted technique because ... " (49) http://www.eaglenet.org/antirez/hping2.html NOW READS: http://www.hping.org {87} snmpwalk -c public 192.168.0.1 NOW READS: snmpwalk -c private 192.168.0.1 (91) http://www.xfocus.net/exploits NOW READS: http://examples.oreilly.com/networksa/tools/bf_ldap.tar.gz (202) http://www.sqlsecurity.com/uploads/sqlping.zip NOW READS: http://examples.oreilly.com/networksa/tools/sqlping.zip (204) http://www.sqlsecurity.com/uploads/forcesql.zip and http://www.sqlsecurity.com/uploads/sqlbf.zip NOW READ: http://examples.oreilly.com/networksa/tools/forcesql.zip and http://examples.oreilly.com/networksa/tools/sqlbf.zip (234) http://ntsecurity.nu/toolbox/winfo.exe NOW READS: http://ntsecurity.nu/downloads/winfo {268} (RDP running on TCP port 259) NOW READS: (RDP running on UDP port 259)