Troubleshooting Linux Firewalls
- Troubleshooting Linux Firewalls
- Table of Contents
- Copyright
- SectionI.Getting Started
- Chapter 1. Introduction
- Why We Wrote This Book
- How This Book Is Organized
- Goals of This Book
- The Methodical Approach and the Need for a Methodology
- Firewalls, Security, and Risk Management
- How to Think About Risk Management
- Computer Security Principles
- Firewall Recommendations and Definitions
- Why Do I Need a Firewall?
- Do I Need More Than a Firewall?
- What Kinds of Firewalls Are There?
- The Myth of Trustworthy or Secure Software
- Know Your Vulnerabilities
- Creating Security Policies
- Training
- Defense in Depth
- Summary
- Chapter 2. Getting Started
- Risk Management
- Basic Elements of Risk Management
- Seven Steps to Managing Risk
- Phase I: Analyze
- Phase II: Document
- Phase III: Secure the Enterprise
- Phase IV: Implement Monitoring
- Phase V: Test
- Phase VI: Integrate
- Phase VII: Improve
- Summary
- Chapter 3. Local Firewall Security
- The Importance of Keeping Your Software Up to Date
- Over Reliance on Patching
- Turning Off Services
- Security Tools to Install
- Summary
- Chapter 4. Troubleshooting Methodology
- Problem Solving Methodology
- Recognize, Define, and Isolate the Problem
- Gather Facts
- Define What the End State Should Be
- Develop Possible Solutions and Create an Action Plan
- Analyze and Compare Possible Solutions
- Select and Implement the Solution
- Critically Analyze the Solution for Effectiveness
- Repeat the Process Until You Resolve the Problem
- Summary
- SectionII.Tools and Internals
- Chapter 5. The OSI Model: Start from the Beginning
- Internet Protocols at a Glance
- Summary
- Chapter 6. netfilter and iptables Overview
- How netfilter Works
- Summary
- Chapter 7. Using iptables
- Proper iptables Syntax
- Setting Up an Example Firewall
- ACCEPT Rules
- Summary
- Chapter 8. A Tour of Our Collective Toolbox
- Old Faithful
- Sniffers
- Firewall Management and Rule Building
- Summary
- Chapter 9. Diagnostics
- Diagnostic Logging
- Checking the Network
- Using a Sniffer to Diagnose Firewall Problems
- Memory Load Diagnostics
- Summary
- SectionIII.Diagnostics
- Chapter 10. Testing Your Firewall Rules (for Security)
- Inside-Out Testing with nmap and iplog
- Interpreting the Output from an Inside-Out Scan
- Testing from the Outside-In
- Reading Output from nmap
- Testing your Firewall with fragrouter
- VLANs
- Summary
- Chapter 11. Layer 2Inline Filtering
- Common Questions
- Tools Discussed in this Chapter
- Building an Inline Transparent Bridging Firewall with ebtables (Stealth Firewalls)
- Building an Inline Transparent Bridging Firewall with iptables (Stealth Firewalls)
- MAC Address Filtering with iptables
- DHCP Filtering with ebtables
- Summary
- Chapter 12. NAT (Network Address Translation) and IP Forwarding
- Common Questions about Linux NAT
- ToolsMethods Discussed in this Chapter
- Summary
- Chapter 13. General IP (Layer 3Layer 4)
- Common Question
- Inbound: Creating a Rule for a New TCP Service
- Inbound: Allowing SSH to a Local System
- Forward: SSH to Another System
- SSH: Connections Timeout
- Telnet: Forwarding Telnet Connections to Other Systems
- MySQL: Allowing MySQL Connections
- Summary
- Chapter 14. SMTP (e-mail)
- Common Questions
- Tools Discussed in this Chapter
- Allowing SMTP tofrom Your Firewalls
- Forwarding SMTP to an Internal Mail Server
- Forcing Your Mail Server Traffic to Use a Specific IP Address with an SNAT Rule
- Blocking Internal Users from Sending Mail Through Your Firewall
- Accept Only SMTP Connections from Specific Hosts (ISP)
- SMTP Server TimeoutsFailuresNumerous Processes
- Small E-Mail SendReceive CorrectlyLarge E-Mail Messages Do Not
- Summary
- Chapter 15. Web Services (Web Servers and Web Proxies)
- Common Questions
- Tools Discussed in this Chapter
- Summary
- Chapter 16. File Services (NFS and FTP)
- Tools Discussed in this Chapter
- Summary
- Chapter 17. Instant Messaging
- Common QuestionsProblems
- Tools Discussed in This Chapter
- NetMeeting and GnomeMeeting
- MSN Messenger
- Yahoo Messenger
- AOL Instant Messenger (AIM)
- ICQ
- Summary
- Chapter 18. DNSDHCP
- Common Questions
- Tools Discussed in this Chapter
- Summary
- Chapter 19. Virtual Private Networks
- Things to Consider with IPSEC
- Common QuestionsProblems
- Tools Discussed in this Chapter
- Running a PPTP Server Behind a NAT Firewall
- Summary
- Index
- SYMBOL
- A
- B
- C
- D
- E
- F
- G
- H
- I
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Y
- Z