Linux Firewalls

Jan. 22, 2008
By Michael Rash
ISBN: 978-1-59327-141-1
Building a secure networked Linux box? Then you better know your firewalls. While they’re only one aspect of security, firewalls are often the first line of defense. Linux applications like iptables and fwsnort can provide this support in addition to other features like network address translation (NAT). Unfortunately, as with many firewall applications, the arcane can be important. This book does an excellent job of exposing and explaining how a networked Linux system should work. The book is comprehensive and a relatively easy read for anyone familiar with networking, TCP/IP, and Linux. This is not an introduction to any of these, so don’t drop this book on your parents’ coffee table unless one of them knows how to do a lot more than just turning on a PC. The book starts with the basics like iptables, the main routing application that runs on Linux. It then moves into attacks and defenses, covering applications like psad, which is used to check for port scanner attacks. A sizable chunk of the book addresses the snort firewall (fwsnort), an intrusion detection system. These chapters are well-worth reading since snort is not always part of a system installation. The book wraps up with coverage of port knocking and the author’s Single Packet Authorization (SPA) support for fwknop (FireWall KNock OPerator). Encrypted port knocking can be combined with OS fingerprinting to provide a secure mechanism for initiating VPN links across an unsecured network like the Internet. I keep this book within easy reach since I have a number of different Linux systems running in the lab. Since some of the issues involved are so complex, I uncover something new every time I open it.

Sponsored Recommendations

Highly Integrated 20A Digital Power Module for High Current Applications

March 20, 2024
Renesas latest power module delivers the highest efficiency (up to 94% peak) and fast time-to-market solution in an extremely small footprint. The RRM12120 is ideal for space...

Empowering Innovation: Your Power Partner for Tomorrow's Challenges

March 20, 2024
Discover how innovation, quality, and reliability are embedded into every aspect of Renesas' power products.

Article: Meeting the challenges of power conversion in e-bikes

March 18, 2024
Managing electrical noise in a compact and lightweight vehicle is a perpetual obstacle

Power modules provide high-efficiency conversion between 400V and 800V systems for electric vehicles

March 18, 2024
Porsche, Hyundai and GMC all are converting 400 – 800V today in very different ways. Learn more about how power modules stack up to these discrete designs.

Comments

To join the conversation, and become an exclusive member of Electronic Design, create an account today!