RADIUS, 163–165, 345
Random numbers, 182, 322
RC4 encryption, 342
Registered ports, 103
Registration authority (RA), 171
Regulatory requirements, 12–13
Remote Authentication Dial-In User Service (RADIUS), 163–165, 345
Repeaters, 62–63
Retina scan, 162, 163
Reverse path forwarding vs., 232–234
Rijndael, 130
Risk, defined, 17
Risk analysis, 17–35, 392
  annualized loss expectancy (ALE), 27–28, 32
  annualized rate of occurrence (ARO), 26–27, 31–32
  asset value, 20–21, 24
  choosing countermeasures, 22–23
  combining qualitative and quantitative analysis, 31
  cost-benefit analysis, 33–34
  disaster recovery planning, 384–385
  exposure factor (EF), 25–26, 31
  natural disasters, 25, 27, See also Disaster recovery planning
  qualitative analysis, 17, 19, 30–31
  quantitative analysis, 17, 19, 24–30
  risk costs (single loss expectancy), 21–22, 24–26
  selecting countermeasures, 31–46, 392
  terminology, 17–18
  threat analysis, 26–27
Risk assessment, 17–35, See Risk analysis
Risk management, defined, 19
Rivest-Shamir-Adleman (RSA), 132–134
Role-based access control, 150–152
Rootkits, 271
Root servers, 143
Route flap dampening, 100
Routers, 69–71
  Cisco, 204
  committed access rates, 113–114, 230–231
  DHCP servers, 70
  disabling nonessential functions, 55
  dynamic protocols, 70
  firewall functionality, 70
  IP options and, 82
  limiting spoofing using reverse path forwarding, 232–234
  multi-protocol label switching (MPLS), 284
  network monitoring, 71
  packet fragmentation and, 77–78
  packets addressed to, 206–207
  remote management of, 71
  sample security standards, 53–54
  SYN filtering, 112
  vulnerabilities, 71
Routers, configuration as firewalls, 202, 204–222, See also Firewalls, configuration of
  application layer filtering, 226
  auditing, 221–222
  example rule sets
    Check Point, 241–242
    Cisco access list, 239–241
    Linux IPchains, 238–239
  limiting denial-of-service, 228–236, See also under Firewalls
  network performance considerations, 208–209
  policy-based configuration process, 209–211
  remote configuration protocols, 207
  stateful packet filtering, 223–226
  writing and applying filters, 236–242
Routing Information Protocol (RIP), 96, 98
Routing protocols, 95–101
Routing tables, 69, 95
  manipulation of, 71
  MPLS and, 287–288
RSA algorithm, 132–134
RSA Cryptography Standard, 182
RST bit, 105