| < Day Day Up > |
|
r-tools, 118-120
RADIUS server, 19-20
randomization, 73
RATS (Rough Auditing Tool for Security), 295-299
rc.firewall script, 399-402
rcp tool, 119
reciprocal rules, 451
Recycle Bin records, 732-733
RedHat Linux distribution
forensic duplication toolkits, 662-664
hijacked services, 20
live response toolkits, 612
Loki and, 278
redirection
blocking, 450-451
client, 446
dual, 446-448
local, 445-446
port, 274, 439-452
traffic, 443
Tripwire tool, 285
regdmp utility, 592-593
registered ports, 440
registry
EnCase and, 697-698
regdmp and, 592-593
regular expressions, 754, 772
Relative Identifier (RID), 148-149
relays, 20
remote access
administration, 147
case study, 549-550
command execution, 158-159
DOS shell, 9-11
Netbus, 261-265
Netcat, 9-12, 23-24
remote detonators, 23-24
to shells, 9-12
tools for, 254
VNC, 255-260
remote evidence files, 658-659
Remote Procedure Call. See RPC
remote servers, 158-159
reports
EnCase, 692-693
Internet Security Scanner, 339-340
STAT scanner, 318
Stealth, 180
Retina application, 327-332
reverse ident scanning, 74-75
rexec tool, 19, 120, 285, 290
rhosts authentication, 118-119
RID (Relative Identifier), 148-149
rlogin tool, 19, 119
rm command, 285
root kits, 612
root user, 283-284
Rough Auditing Tool for Security (RATS), 295-299
routers, 17-18
routing
loose, 17-18
NetBIOS and, 136
source, 17-18
strict, 17
RPC (Remote Procedure Call)
enumeration, 114-117
scans, 66-67, 85-86
Unix, 115-117
Windows systems, 114
RPC services, 66-67
rpcbind program, 115
rpcclient, 114
rpcinfo program, 115-117
rsh tool, 19, 119
RST/ACK packets, 433
RST packets, 65-69, 433, 565
rules
activate, 502
alert, 502
dynamic, 502
ipchains, 375-382
IPFW, 395-397
iptables, 385-390
log, 502
pass, 502
password guesses and, 220-222
reciprocal, 451
snort, 502-505
Stealth tool, 180-182
Tripwire, 348-350
rulesets, 366-367
run files, 774
Russinovich, Mark, 146
rwho program, 119-120
| < Day Day Up > |
|