Flylib.com
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort
ISBN: 1593271417
EAN: 2147483647
Year: 2005
Pages: 163
Authors:
Michael Rash
BUY ON AMAZON
Linux Firewalls, Third Edition
Table of Contents
Copyright
About the Authors
Acknowledgments
We Want to Hear from You
Reader Services
Introduction
The Purpose of This Book
Who Should Read This Book
Linux Distribution
Errors in This Book
Companion Website
PartI.Packet-Filtering and Basic Security Measures
Chapter1.Preliminary Concepts Underlying Packet-Filtering Firewalls
The OSI Networking Model
The IP
Transport Mechanisms
Don t Forget ARP
Hostnames and IP Addresses
Routing: Getting a Packet from Here to There
Service Ports: The Door to the Programs on Your System
Summary
Chapter2.Packet-Filtering Concepts
A Packet-Filtering Firewall
Choosing a Default Packet-Filtering Policy
Rejecting Versus Denying a Packet
Filtering Incoming Packets
Filtering Outgoing Packets
Private Versus Public Network Services
Summary
Chapter3.iptables: The Linux Firewall Administration Program
Differences Between IPFW and Netfilter Firewall Mechanisms
Basic iptables Syntax
iptables Features
iptables Syntax
Summary
Chapter4.Building and Installing a Standalone Firewall
iptables: The Linux Firewall Administration Program
Initializing the Firewall
Protecting Services on Assigned Unprivileged Ports
Enabling Basic, Required Internet Services
Enabling Common TCP Services
Enabling Common UDP Services
Filtering ICMP Control and Status Messages
Logging Dropped Incoming Packets
Logging Dropped Outgoing Packets
Denying Access to Problem Sites Up Front
Installing the Firewall
Summary
PartII.Advanced Issues, Multiple Firewalls, and Perimeter Networks
Chapter5.Firewall Optimization
Rule Organization
User-Defined Chains
Optimized Example
What Did Optimization Buy?
Summary
Chapter6.Packet Forwarding
The Limitations of a Standalone Firewall
Basic Gateway Firewall Setups
LAN Security Issues
Configuration Options for a Trusted Home LAN
Configuration Options for a Larger or Less Trusted LAN
A Formal Screened-Subnet Firewall Example
Converting the Gateway from Local Services to Forwarding
Summary
Chapter7.NATNetwork Address Translation
The Conceptual Background of NAT
iptables NAT Semantics
Examples of SNAT and Private LANs
Examples of DNAT, LANs, and Proxies
Summary
Chapter8.Debugging the Firewall Rules
General Firewall-Development Tips
Listing the Firewall Rules
Checking the Input, Output, and Forwarding Rules
Interpreting the System Logs
Checking for Open Ports
Summary
PartIII.Beyond iptables
Chapter9.Intrusion Detection and Response
Detecting Intrusions
Symptoms Suggesting That the System Might Be Compromised
What to Do If Your System Is Compromised
Incident Reporting
Summary
Chapter10.Intrusion Detection Tools
Intrusion Detection Toolkit: Network Tools
Rootkit Checkers
Filesystem Integrity
Log Monitoring
How to Not Become Compromised
Summary
Chapter11.Network Monitoring and Attack Detection
Listening to the Ether
TCPDump: A Simple Overview
Using TCPDump to Capture Specific Protocols
Automated Intrusion Monitoring with Snort
Monitoring with ARPWatch
Summary
Chapter12.Filesystem Integrity
Filesystem Integrity Defined
Installing AIDE
Configuring AIDE
Monitoring AIDE for Bad Things
Cleaning Up the AIDE Database
Changing the Output of the AIDE Report
Defining Macros in AIDE
The Types of AIDE Checks
Summary
Chapter13.Kernel Enhancements
Security Enhanced Linux
Greater Security with GrSecurity
A Quick Look Around the Kernel
To Patch or Not to Patch
Using a GrSecurity Kernel
GrSecurity
Conclusion: Custom Kernels
PartIV.Appendices
AppendixA.Security Resources
Security Information Sources
Reference Papers and FAQs
Books
AppendixB.Firewall Examples and Support Scripts
iptables Firewall for a Standalone System from Chapter 4
Optimized iptables Firewall from Chapter 5
iptables Firewall for a Choke Firewall from Chapter 6
AppendixC.VPNs
Overview of Virtual Private Networks
VPN Protocols
Linux and VPN Products
VPN Configurations
Connecting Networks
VPN and Firewalls
Summary
AppendixD.Glossary
Index
SYMBOL
A
B
C
D
E
F
G
H
I
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort
ISBN: 1593271417
EAN: 2147483647
Year: 2005
Pages: 163
Authors:
Michael Rash
BUY ON AMAZON
Database Modeling with MicrosoftВ® Visio for Enterprise Architects (The Morgan Kaufmann Series in Data Management Systems)
Getting Started
Configuring, Manipulating, and Reusing ORM Models
Mapping ORM Models to Logical Database Models
Creating a Basic Logical Database Model
Logical Database Model Reports
Identifying and Managing Project Risk: Essential Tools for Failure-Proofing Your Project
Planning for Risk Management
Quantifying and Analyzing Activity Risks
Managing Activity Risks
Managing Project Risk
Monitoring and Controlling Risky Projects
Special Edition Using Crystal Reports 10
Modifying Object Properties for Formatting Purposes
Introduction to Cross-Tabs
Troubleshooting
Adding Crystal Analysis Objects to a Report
Publishing to the Web Desktop
Lean Six Sigma for Service : How to Use Lean Speed and Six Sigma Quality to Improve Services and Transactions
Success Story #1 Lockheed Martin Creating a New Legacy
Success Story #2 Bank One Bigger… Now Better
The Value in Conquering Complexity
Phase 2 Engagement (Creating Pull)
Raising the Stakes in Service Process Improvement
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
Uses for Job Schedulers in the Enterprise
Uses for Job Schedulers in NonEnterprise
Cron Expressions Cookbook
Running Quartz with JobStoreTX
Using the J2EE Containers DataSource
The Oracle Hackers Handbook: Hacking and Defending Oracle
Triggers
Attacking Oracle PL/SQL Web Applications
Accessing the File System
Accessing the Network
Appendix A Default Usernames and Passwords
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies