Index_F




F

Farmer, Dan, 698

Fast Block utility, 626

file command, 744–746, 774

file streaming, 594

file systems, 576, 664, 684, 763

File Transfer Protocol. See FTP

file transfers, 21

files. See also specific files

ASCII, 758

associated with browsers, 730–733

batch, 150, 164, 258–259

binary, 58

criminal, 773–776

Cygwin, 55–56

.dat, 319–320, 539–542, 547–549

data, 730–733

evidence, 623, 654–655, 773–776

executable, 285

hiding, 284

.htaccess, 219

local evidence, 655–658

log. See log files

perm.n, 248–249

public, 121

redirecting, 285

remote evidence, 658–659

run, 774

SAM, 229–230

securing with Tripwire, 357–358

streaming, 594

SUID, 702

transforming into devices, 660–661, 664–665

filesnarf tool, 493

filtered ports, 68

filters

BUTTSniffer, 460, 464

directional, 467–468

egress, 451

Ethereal, 479–483

ingress, 451

IP, 465

ipfilter, 403

packet. See packet filters

port, 20, 465

tcpdump, 467–470

FIN flags, 477–478

FIN packet, 65, 68

FIN scans, 68

finger daemons, 121

finger utility, 120–121

fingerprinting

operating systems, 75, 109–110, 437

Winfingerprint utility, 138–140, 161

F.I.R.E. (Forensic and Incident Response Environment), 652–653

Firewall Builder, 403

firewalls, 363–410

basics, 364–373

bypassing, 20

Checkpoint, 410

Cisco PIX, 408–410

commercial, 403–410

described, 364–365

DMZ and, 371–373

Firewall Builder, 403

freeware, 373–403

Guardian, 403

hping utility, 431–435

Internet Connection Firewall, 410

ipchains, 374–383

ipfilter, 403

IPFW, 393–403

iptables, 383–393

ISIC suite and, 557–558

Linksys SOHO, 404–405

NAT and, 368–371, 409

NetScreen, 410

packet-filtering, 366–367

parental control, 365

performance, 560

personal, 364–365

SonicWALL, 405–408

stateless vs. stateful, 367–368

UDP and, 69–70

VPNs and, 371

vs. packet filters, 365

ZoneAlarm, 410

flags

-A, 134–136

-a, 134–135

ACK, 477

command-line, 470–472, 492

FIN, 477–478

SYN, 65, 69, 433, 474–478

TCP, 65, 67, 433

Flawfinder, 290–295

FlexChecks, 338–339

Flood Pings, 421

floppy disks. See also boot disks; CD-ROMs

boot disks. See boot disks

evidence files on, 655

live response tool kit, 599

Trinux tool, 572–573

forensic analysis

The Coroner’s Toolkit (TCT), 698–710

EnCase tool, 684–698, 710

Forensic Toolkit (FTK), 672–684, 710

toolkits for, 651–698

web activity, 711–742

Forensic and Incident Response Environment (F.I.R.E.), 652–653

forensic duplication, 615–669

dd tool, 653–659

EnCase tool, 616–624, 649, 684–698, 710

format command, 625–626

Ghost utility, 641–649

hard drive duplication, 655

local evidence files, 655–658

logging and, 629–630, 654–655

losetup tool, 660–661

noncommercial toolkit, 651–669

PDBLOCK utility, 626–627

remote evidence files, 658–659

Safeback utility, 627–637, 649

SnapBack DatArrest utility, 637–641, 649

Forensic Toolkit (FTK), 672–684, 710

forensic workstation, 658

format command, 625–626

fping tool, 423–426

FPipe, 444–449, 451

fport command, 11, 578–580, 598

fragmentation, 72, 422

FreeBSD systems

cleansing evidence drives, 659

hijacked services and, 20

transforming files into devices, 664–665

vnode, 664–665

FreeBSD To Go, 652

frhed tool, 757–760

FScan tool, 160, 162. See also ScanLine tool

FTK (Forensic Toolkit), 672–684, 710

FTP (File Transfer Protocol)

datapipes, 21–23

Netcat and, 21–23

port filters and, 20

running as root, 74

wu-ftpd 2.6.0, 292–293

FTP bounce attacks, 70–72

FTP bounce scanning, 70–71

FTP clients, 70–71

FTP servers, 70–72, 105, 292–293

fwhois command, 412–416






Anti-Hacker Tool Kit
Anti-Hacker Tool Kit, Third Edition
ISBN: 0072262877
EAN: 2147483647
Year: 2004
Pages: 189
