Chapter 9. Intrusion Detection and Response


You've now built a firewall with Linux using iptables. The layered security approach includes both network and host-based security. Although the firewall provides security for both the network and the hosts, there are also steps that must be taken on the firewall machine itself, as well as on the hosts within the network. Whether they take the form of filesystem integrity checking, virus scanning, or monitoring the network for suspicious activity, these processes help ensure that your data remains safe.

This chapter is about host and network security and intrusion detection. The goal of the chapter is to provide a high-level overview of some of the concepts so that you can do further research into the specific areas of interest. The chapter widens the scope beyond that of the firewall machine to include the security of the network, as well as giving suggestions for individual computers within the network. Chapter 13, "Kernel Enhancements," will provide information on securing the firewall computer itself using kernel enhancements.




Linux Firewalls
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort
ISBN: 1593271417
EAN: 2147483647
Year: 2005
Pages: 163
Authors: Michael Rash
