Summary


After reading this chapter, you should have a good understanding of the proper order of your firewall rules, some neat tricks you can implement to detect suspicious traffic and attacks through your firewall, and some useful kernel settings to help your firewall to perform more efficiently. Should you wish to explore any of the concepts in this chapter in greater detail, we will refer you again to our website (www.gotroot.com) and the documentation, tools, and forums there.

Finally, remember to construct your rules so that you deny everything by default and to only change your rules to allow traffic through that you can prove you need to let through. Never, ever try to build a firewall that explicitly denies certain things but otherwise allows everything else through. You can't even begin to imagine all the ways a firewall can be breached by applying this method. The golden rule is: "unless allow, deny." Stick with that, and as they say, you'll sleep well at night.



    Troubleshooting Linux Firewalls
    Troubleshooting Linux Firewalls
    ISBN: 321227239
    EAN: N/A
    Year: 2004
    Pages: 169

    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net