David, I must emphasize that the terms are things that popped into my mind while writing it down, and might have nothing to do with security testing or whatever per se....I didn't mean to be really serious about/with it. They say more about the way my mind works than about real knowledge :-)). Maybe you can drive someone crazy with the terms.... OS fingerpinting: determining what operating systems are running by probing things like the TCP/IP stack, probing for default services, etc. See http://www.insecure.org/nmap/nmap-fingerprinting-article.txt. buffer overflows: basically you put more data in the buffer/stack than that is can handle. Because of that your machine might crash. Even worse, sometimes it is possible to manipulate things in such a manner that a (root-)shell might be started.... Aleph1 wrote a classic paper about it in Phrack 49.... perl: Practical Extraction and Report Language. See www.perl.org, or www.perl.com. 666: number of the beast FIN scan and Xmas tree scan: stealth scan methods that use a FIN packet as the probe (FIN scan) or turns on FIN, URG and PUSH flags (Xmas tree scan). See www.insecure.org/nmap bpf: Berkeley Packet Filter (or BSD Packet Filter). Used by, among other, tcpdump. Useful for sniffing network traffic. overlapping fragments: see http://www.cis.ohio-state.edu/htbin/rfc/rfc1858.html for examples of what you can do with them STATE transitions: your day-to-day the TCP state transtions libc: just the C library. cg6 driver: Some graphics driver for Solaris. Not very useful for exploiting... 1777: permissions on, e.g., a /tmp directory... As you can see. Another list nominated for the most-useless-list-in-the-world. Gr, Arjan -------- Oh yes, I now have my personal disclaimer (in addition to the one my employer adds to the e-mail) as there might be people out there who try hard to find subliminal intentions to whatever I say. This e-mail either contains *my* opinions or some sketches of *my* perception of reality. I have no other intention than just to express those....Furthermore, there's is nothing to be sold. -------- ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
