Index_R

< Day Day Up >

---

R

r-tools, 118-120

RADIUS server, 19-20

randomization, 73

RATS (Rough Auditing Tool for Security), 295-299

rc.firewall script, 399-402

rcp tool, 119

reciprocal rules, 451

Recycle Bin records, 732-733

RedHat Linux distribution

forensic duplication toolkits, 662-664

hijacked services, 20

live response toolkits, 612

Loki and, 278

redirection

blocking, 450-451

client, 446

dual, 446-448

local, 445-446

port, 274, 439-452

traffic, 443

Tripwire tool, 285

regdmp utility, 592-593

registered ports, 440

registry

EnCase and, 697-698

regdmp and, 592-593

regular expressions, 754, 772

Relative Identifier (RID), 148-149

relays, 20

remote access

administration, 147

case study, 549-550

command execution, 158-159

DOS shell, 9-11

Netbus, 261-265

Netcat, 9-12, 23-24

remote detonators, 23-24

to shells, 9-12

tools for, 254

VNC, 255-260

remote evidence files, 658-659

Remote Procedure Call. See RPC

remote servers, 158-159

reports

EnCase, 692-693

Internet Security Scanner, 339-340

STAT scanner, 318

Stealth, 180

Retina application, 327-332

reverse ident scanning, 74-75

rexec tool, 19, 120, 285, 290

rhosts authentication, 118-119

RID (Relative Identifier), 148-149

rlogin tool, 19, 119

rm command, 285

root kits, 612

root user, 283-284

Rough Auditing Tool for Security (RATS), 295-299

routers, 17-18

routing

loose, 17-18

NetBIOS and, 136

source, 17-18

strict, 17

RPC (Remote Procedure Call)

enumeration, 114-117

scans, 66-67, 85-86

Unix, 115-117

Windows systems, 114

RPC services, 66-67

rpcbind program, 115

rpcclient, 114

rpcinfo program, 115-117

rsh tool, 19, 119

RST/ACK packets, 433

RST packets, 65-69, 433, 565

rules

activate, 502

alert, 502

dynamic, 502

ipchains, 375-382

IPFW, 395-397

iptables, 385-390

log, 502

pass, 502

password guesses and, 220-222

reciprocal, 451

snort, 502-505

Stealth tool, 180-182

Tripwire, 348-350

rulesets, 366-367

run files, 774

Russinovich, Mark, 146

rwho program, 119-120

---

< Day Day Up >