R | Inside Network Perimeter Security (2nd Edition)

Index

[SYMBOL] [A] [B] [C] [D] [E] [F] [G] [H] [I] [J] [K] [L] [M] [N] [O] [P] [Q] [R] [S] [T] [U] [V] [W] [Z]

r-commands (UNIX)
     deactivating
     SSH
     Telnet
RA (Registration Authorities)
     digital certificates
race conditions 2nd
RAT (Router Audit Tool) 2nd
rate limiting 2nd 3rd
     network switches
     QoS 2nd
     switch-type NIPS
realism (security policies)
recent changes, reviewing (troubleshooting process)
reconnaissance
     by fragments
     by pings
reconnaissance phase (network security assessments)
     DNS discovery 2nd
     IP address ranges, determining
     organization-specific data searches 2nd
     organizational Web presences 2nd
     reverse lookups
     search engines 2nd
     sensitive information searches
     whois searches
recovery phase (incident response)
recursive queries
Red Hat Linux
     WU-FTPD
redundancy
     firewalls 2nd 3rd
    geographic
         fault tolerance 2nd
    intrasite
         fault tolerance 2nd 3rd 4th 5th
         firewall redundancy 2nd 3rd
         switch redundancy 2nd
    intrasystem
         fault tolerance
     switches 2nd
reflexive ACL (access control lists) 2nd 3rd
     FTP 2nd
     ICMP
     named ACL 2nd
     outbound traffic 2nd
     PASV FTP
     TCP flags 2nd
     UDP
Regedit utility (Windows)
     Registry permissions, restricting 2nd
Regedit32 utility (Windows)
     Registry permissions, restricting 2nd
Registration Authorities (RA)
     digital certificates
Registry (Windows)
     permissions, restricting 2nd
remote access phase (network security assessments)
     VPN/remote proxies
         access controls 2nd
         authentication 2nd 3rd
         client restrictions 2nd
         encryption
     wardialing 2nd 3rd 4th
     wardriving 2nd 3rd
remote access services
     deactivating 2nd 3rd 4th
remote authentication
    routers
         SNMP 2nd 3rd
remote commands (UNIX)
     deactivating
     SSH
     Telnet
remote controlware
Remote Desktop service (Windows)
     deactivating
remote desktop software
     risks of 2nd
     single-session
         client integration
         perimeter defenses 2nd
         server integration 2nd
         uses of
     terminal servers
         client integration
         perimeter defenses
         server integration
         uses of 2nd
         VPN case studies 2nd 3rd
remote proxies
     network security assessments
         access controls 2nd
         authentication 2nd 3rd
         client restrictions 2nd
         encryption
Remote Registry Service (Windows)
     deactivating
remote system/network monitoring, security of 2nd 3rd 4th 5th
remote users
     null sessions 2nd
    r-commands (UNIX)
         deactivating
    Remote Desktop service (Windows)
         deactivating
    Remote Registry Service (Windows)
         deactivating
    Server service (Windows)
         deactivating
    Terminal Services (Windows)
         deactivating
removing/disabling (host hardening)
     OS components
renaming
     Administrator accounts (Windows)
     Root accounts (UNIX)
reports
    network log
         designing 2nd
reserved addresses
     ingress filtering
reserved IP addresses
     ingress filtering 2nd 3rd
resource separation
     dialup connections 2nd
     LAN-connected desktops 2nd
     laptops 2nd
     mail relays 2nd
         configuring 2nd 3rd 4th
         justifying mail server separation 2nd
     risk 2nd
     security zones
         creating via multiple subnets 2nd 3rd 4th
         creating via multiple subnets, broadcast domains 2nd 3rd 4th 5th
         creating via single subnets
         creating via single subnets, dedicated servers 2nd 3rd
         creating via single subnets, security zones within servers 2nd 3rd
     Split DNS 2nd
         configuring 2nd 3rd 4th
         justifying
     VLAN
         firewalls 2nd
         private VLANs 2nd
         routers 2nd
         switches
         VLAN-hopping attacks 2nd
     VPN 2nd
     wireless systems 2nd 3rd
resource-sharing services
     deactivating 2nd
response time (performance)
     defining
restricting
    file permissions
         UNIX 2nd
         Windows
         Windows, NTFS
    Registry permissions
         Windows 2nd
results analysis/documentation phase (network security assessments) 2nd 3rd
     best practices
     executive summaries 2nd 3rd
     introductions
     risk, prioritizing findings by
Retina vulnerability scanner (eEye Security) 2nd
RETR command (proxy firewalls)
retrieving
     network log file data 2nd
reverse lookups
Reverse Path Forwarding (RFP)
     router hardening
reverse proxies 2nd
     Citrix MetaFrame
reviewing recent changes (troubleshooting process)
RFC 1323 extensions 2nd
RFP (Reverse Path Forwarding)
     router hardening
RingZero Trojan exploit 2nd
RIP (Routing Information Protocol)
     network performance 2nd
risk
     network security assessment documentation, prioritizing findings for
     network security assessment techniques
     resource separation 2nd
     versus cost 2nd
     versus vulnerability
risk communication (security policies) 2nd
risk identification (security policies)
root accounts (UNIX)
     host hardening 2nd
Root accounts (UNIX)
     renaming
route authentication 2nd
route command (UNIX)
     host routing tables, displaying
route metrics
route print command
     host routing tables, displaying
router configurations
    auto secure command (Cisco) generated
         examples of 2nd 3rd 4th 5th 6th
router link encryption case study 2nd
router logs
     analyzing 2nd
         Cisco router logs 2nd
routers
     AAA authentication command
     ACL
         deny 2nd
         extended
         extended, blocking ICMP echo requests 2nd
         extended, established keyword 2nd 3rd 4th
         extended, filtering ICMP messages 2nd
         extended, filtering ports
         extended, friendly net IP address access 2nd
         extended, FTP 2nd 3rd
         extended, PASV FTP 2nd 3rd
         extended, ports
         extended, rule order 2nd
         extended, syntax of 2nd
         fragments 2nd
         implicit denies 2nd
         in/out keywords 2nd 3rd
         IPv6 2nd
         log keywords
         named 2nd
         named, adding/deleting entries 2nd 3rd
         named, reflexive ACL
         numbered
         planning rule order
         reflexive 2nd
         reflexive, FTP 2nd
         reflexive, ICMP
         reflexive, named ACL 2nd
         reflexive, outbound traffic 2nd
         reflexive, PASV FTP
         reflexive, TCP flags 2nd
         reflexive, UDP
         standard, applying to interfaces
         standard, blacklisting 2nd 3rd
         standard, egress filtering 2nd
         standard, friendly net IP address access 2nd
         standard, ingress filtering 2nd 3rd 4th
         standard, syntax of
         wildcard masks 2nd 3rd 4th
     administration points, locking down 2nd 3rd
    all-in-one security solutions
         ACLs
         CBAC
         CBAC, inspect statements
         CBAC, stateful inspection
         NAT 2nd
         NAT, configuring 2nd
         NAT, viewing translation tables
         PAT 2nd
         PAT, viewing translation tables
         router placement 2nd
    attacks to
         logins
         SNMP 2nd
         SSH protocol
    border
         adversarial reviews, determining impact of misconfigurations/vulnerabilities 2nd 3rd 4th 5th
         defining
         egress filters, adversarial reviews 2nd
         functions of 2nd
         ICMP destination unreachable messages
         ingress filters, adversarial reviews 2nd
         No CDP Messages filter setting, adversarial reviews 2nd
         No IP Directed Broadcasts filter setting, adversarial reviews
         No IP Unreachable Messages filter setting, adversarial reviews
         No Source Routing filter setting, adversarial reviews
         Nokia IP350
         Nokia IP350, rulebase for
         ping floods
         preventing access
         role in perimeter defense
    Cisco
         access list rules 2nd
         IPSec VPN configuration examples 2nd 3rd 4th 5th 6th 7th 8th 9th
     Cisco 3660
     Cisco shorthand
     configuring 2nd 3rd 4th
         TFTP 2nd
     CPU usage
         proc command 2nd
     default routes
     defense-in-depth security structures
         NBAR 2nd 3rd 4th 5th 6th
         packet filtering 2nd
     defining
     distribute-list command
     distribute-list out command
     dynamic routing protocols 2nd
         route authentication 2nd
         update blocking 2nd 3rd
     functions of 2nd
    hardening
         auditing via RAT 2nd
         auto securing 2nd
         Cisco TCP Keepalives services
         console ports 2nd
         disabling CDP
         disabling Finger services 2nd
         disabling PAD services
         disabling proxy-ARP 2nd
         disabling small services 2nd
         disabling source routing
         FTP
         ICMP blocking
         ICMP blocking, directed broadcasts
         ICMP blocking, redirects
         ICMP blocking, unreachables 2nd 3rd
         IOS updates
         NTP configuration/authentication 2nd 3rd
         RFP
         router logging 2nd 3rd 4th
         security advisories
         SNMP 2nd 3rd
         SNMP, authentication/passwords 2nd 3rd 4th
         SNMP, disabling servers 2nd
         spoofing attacks
         SSH 2nd 3rd
         Telnet 2nd 3rd
         TFTP 2nd
     internal subnetting
     ip route statements
    IPSec
         VPN
     key IDs
     Layer 3 switching
     logging 2nd 3rd 4th
     login banners, creating 2nd
     login local command
     network filtering
     passive interface command
     performance 2nd
         NBAR
     route metrics
     secretkeys
     secure perimeter design 2nd 3rd 4th 5th 6th 7th
         access control 2nd
         basic filtering 2nd
         ISP controlled routers 2nd
     service password encryption command
     static routes
     storage
     validate-update-source command
    VLAN
         resource separation 2nd
routing
     packets
         implicit permits
routing protocols
    OSPF
         network performance
    RIP
         network performance 2nd
routing tables
     displaying
RPC (Remote Procedure Call) services
     NFS services
rpm utility
     software, removing
rules
    troubleshooting
         compromising security
         documentation 2nd
         obvious problems
         one change at a time
         openmindedness
         second opinions
         staying focused 2nd
rules (ACL)
     rule order, planning