Linux Firewalls

Linux Firewalls
Author: Michael Rash
Publisher: No Starch Press
Total Pages: 338
Release: 2007-09-07
Genre: Computers
ISBN: 1593271417

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack. Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop. Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics: –Passive network authentication and OS fingerprinting –iptables log analysis and policies –Application layer attack detection with the iptables string match extension –Building an iptables ruleset that emulates a Snort ruleset –Port knocking vs. Single Packet Authorization (SPA) –Tools for visualizing iptables logs Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables—along with psad and fwsnort—to detect and even prevent compromises.

Linux Firewalls

Linux Firewalls
Author: Robert Loren Ziegler
Publisher: Sams Publishing
Total Pages: 596
Release: 2002
Genre: Computer security
ISBN: 9780735710993

An Internet-connected Linux machine is in a high-risk situation. "Linux Firewalls, Third Edition" details security steps that any sized implementation--from home use to enterprise level--might take to protect itself from potential remote attackers. As with the first two editions, this book is especially useful for its explanations of iptables, packet filtering, and firewall optimization along with some advanced concepts including customizing the Linux kernel to enhance security.The third edition, while distribution neutral, has been updated for the current Linux Kernel and provides code examples for Red Hat, SUSE, and Debian implementations. Don' t miss out on the third edition of the critically acclaimed "Linux Firewalls,"

Linux Firewalls

Linux Firewalls
Author: Steve Suehring
Publisher: Addison-Wesley Professional
Total Pages: 425
Release: 2015-01-23
Genre: Computers
ISBN: 0134000196

The Definitive Guide to Building Firewalls with Linux As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux® Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security. An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more. Distribution neutral throughout, this edition is fully updated for today’s Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you’re a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise. Inside, you’ll find just what you need to Install, configure, and update a Linux firewall running either iptables or nftables Migrate to nftables, or take advantage of the latest iptables enhancements Manage complex multiple firewall configurations Create, debug, and optimize firewall rules Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions Harden systems against port scanning and other attacks Uncover exploits such as rootkits and backdoors with chkrootkit

Red Hat Linux Firewalls

Red Hat Linux Firewalls
Author: Bill McCarty
Publisher: *Red Hat
Total Pages: 540
Release: 2002-12-06
Genre: Computers
ISBN: 9780764524639

* Everything readers need to construct firewalls that protect computer networks from attacks and intrusions * Covers the migration from ipchains and how to mange iptable log files * Reviews the customization of firewalls, the Red Hat firewall tool, the firewall setup, and advanced firewall features * Includes numerous examples of firewalls and firewall administration techniques that work on Red Hat Linux systems * Explains how to cost-justify, implement, test, and operate packet filtering firewalls constructed using Red Hat Linux RED HAT(r) PRESS(TM) Linux Solutions from the Experts at Red Hat Red Hat-the world's leading Linux company-presents a series of unrivaled guides that are reviewed and approved by the experts at Red Hat. Each book is packed with invaluable tips and techniques that are ideal for everyone from beginning to advanced network and systems professionals, as well as home and small businesses.

Building Linux and OpenBSD Firewalls

Building Linux and OpenBSD Firewalls
Author: Wes Sonnenreich
Publisher:
Total Pages: 396
Release: 2000-02-16
Genre: Computers
ISBN:

A step-by-step guide to bulding a commercial-grade firewall with open source software Building Linux and OpenBSD Firewalls It's now more important than ever before to protect your data and computers from people trying to hack into your network. Without the proper security, the wrong person can gain access to your system and read critical documents, change data, delete items, and much worse. With this book, you'll quickly learn how to protect your network from such attacks as you build a Linux or OpenBSD firewall. From determining how much security you'll need to configuring the firewall and monitoring your system, authors Tom Yates and Wes Sonnenreich clearly guide you through all the necessary steps to improve your security. They show you how to: * Build Linux and OpenBSD firewalls that meet your security needs * Choose the appropriate hardware for each operating system and put the machine together * Configure a firewall that allows network services such as email, newsgroups, and Internet and intranet access * Monitor and update your system to close any holes in security * Detect intruders and restore your network security The companion Web site at www.wiley.com/compbooks/sonnenreich features: * Updates for the most recent releases of OpenBSD and Red Hat * Useful scripts and tools * Sample firewall configurations * Additional online resources

Linux iptables Pocket Reference

Linux iptables Pocket Reference
Author: Gregor N. Purdy
Publisher: "O'Reilly Media, Inc."
Total Pages: 98
Release: 2004-08-25
Genre: Computers
ISBN: 1449378986

Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered onLinux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that makes it easy to test them and turn them on and off.Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get?This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications,followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.

Building Internet Firewalls

Building Internet Firewalls
Author: Elizabeth D. Zwicky
Publisher: "O'Reilly Media, Inc."
Total Pages: 897
Release: 2000-06-26
Genre: Computers
ISBN: 0596551886

In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes: Firewall technologies: packet filtering, proxying, network address translation, virtual private networks Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls Issues involved in a variety of new Internet services and protocols through a firewall Email and News Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo) File transfer and sharing services such as NFS, Samba Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000 Real-time conferencing services such as ICQ and talk Naming and directory services (e.g., DNS, NetBT, the Windows Browser) Authentication and auditing services (e.g., PAM, Kerberos, RADIUS); Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics) Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP) Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server) The book's complete list of resources includes the location of many publicly available firewall construction tools.

Building Secure Servers with Linux

Building Secure Servers with Linux
Author: Michael D. Bauer
Publisher: "O'Reilly Media, Inc."
Total Pages: 440
Release: 2002
Genre: Computers
ISBN: 9780596002176

Linux consistently turns up high in the list of popular Internet servers, whether it's for the Web, anonymous FTP, or general services like DNS and routing mail. But security is uppermost on the mind of anyone providing such a service. Any server experiences casual probe attempts dozens of time a day, and serious break-in attempts with some frequency as well. As the cost of broadband and other high-speed Internet connectivity has gone down, and its availability has increased, more Linux users are providing or considering providing Internet services such as HTTP, Anonymous FTP, etc., to the world at large. At the same time, some important, powerful, and popular Open Source tools have emerged and rapidly matured--some of which rival expensive commercial equivalents--making Linux a particularly appropriate platform for providing secure Internet services. Building Secure Servers with Linux will help you master the principles of reliable system and network security by combining practical advice with a firm knowledge of the technical tools needed to ensure security. The book focuses on the most common use of Linux--as a hub offering services to an organization or the larger Internet--and shows readers how to harden their hosts against attacks. Author Mick Bauer, a security consultant, network architect, and lead author of the popular Paranoid Penguin column in Linux Journal, carefully outlines the security risks, defines precautions that can minimize those risks, and offers recipes for robust security. The book does not cover firewalls, but covers the more common situation where an organization protects its hub using other systems as firewalls, often proprietary firewalls. The book includes: Precise directions for securing common services, including the Web, mail, DNS, and file transfer. Ancillary tasks, such as hardening Linux, using SSH and certificates for tunneling, and using iptables for firewalling. Basic installation of intrusion detection tools. Writing for Linux users with little security expertise, the author explains security concepts and techniques in clear language, beginning with the fundamentals. Building Secure Servers with Linux provides a unique balance of "big picture" principles that transcend specific software packages and version numbers, and very clear procedures on securing some of those software packages. An all-inclusive resource for Linux users who wish to harden their systems, the book covers general security as well as key services such as DNS, the Apache Web server, mail, file transfer, and secure shell. With this book in hand, you'll have everything you need to ensure robust security of your Linux system.