
Linux Firewalls Attack Detection and Response

By Michael Rash
September 2007
Publisher: No Starch Press
Pages: 336
ISBN 10: 1-59327-141-7 | ISBN 13: 9781593271411


Book description

Linux firewalls provide capabilities that rival commercial firewalls, and are built upon the powerful Netfilter infrastructure in the Linux kernel. Linux Firewalls: Attack Detection and Response explores using Netfilter as an intrusion detection system (IDS) by combining it with Snort rulesets and custom open source software created by the author. Providing concrete examples to illustrate concepts, the book discusses Linux firewall log analysis and policies, passive network authentication and authorization, exploit packet traces and Snort ruleset emulation, and more. Perl and C code snippets are included to help readers maximize the deployment of Linux firewalls as effective mechanisms for the detection and prevention of various network-based attacks.
Full Description

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection system (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:

  • Passive network authentication and OS fingerprinting
  • iptables log analysis and policies
  • Application layer attack detection with the iptables string match extension
  • Building an iptables ruleset that emulates a Snort ruleset
  • Port knocking vs. Single Packet Authorization (SPA)
  • Tools for visualizing iptables logs

Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables, along with psad and fwsnort, to detect and even prevent compromises.


    Media reviews
    "This most excellent book takes on a highly applied approach. In other words, after reading this book, you will be armed with a strong working knowledge of how network attacks are detected and dealt with via iptables."
    -- John Vacca, Amazon.com


    "Right from the start, the book presented valuable information and pulled me in. The chapters about iptables packet filtering are crucial for any reader new to networking or firewall administration. Experienced users might pick up a tip or two, as well. Linux Firewalls contained a wealth of knowledge about packet structure in addition to a solid explanation of iptables usage. I was rather impressed by the variety of information presented in the early chapters. The book of course detailed the syntax and logistics of iptables, but also provided detailed examples of attacks at the network, transport, and application layers...All together, Linux Firewalls was an impressive read."
    -- David Martinjak, Slashdot.org


    "What really makes this book different from the others I've seen over the years is that the author approaches the subject in a layered method while exposing potential vulnerabilities at each step. (Thank you so VERY much) So for those that are new to the security game, the book also takes a stab at teaching the basics of network security while teaching you the tools to build a modern firewall."
    -- Brian Chee, Geeks in Paradise, InfoWorld


