Linux Firewalls: Enhancing Security with Nftables and Beyond (4th Revised edition)

Linux Firewalls: Enhancing Security with Nftables and Beyond (4th Revised edition)

By: Steve Suehring (author)Paperback

2 - 4 weeks availability


The Definitive Guide to Building Firewalls with Linux As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux(R) Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security. An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more. Distribution neutral throughout, this edition is fully updated for today's Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you're a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise. Inside, you'll find just what you need to * Install, configure, and update a Linux firewall running either iptables or nftables* Migrate to nftables, or take advantage of the latest iptables enhancements* Manage complex multiple firewall configurations* Create, debug, and optimize firewall rules* Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions* Harden systems against port scanning and other attacks* Uncover exploits such as rootkits and backdoors with chkrootkit

Create a review

About Author

Steve Suehring is a technology architect who consults and speaks on a wide variety of technology-related subjects. He has worked in Linux administration and security since 1995, and served as Linux Security editor for LinuxWorld magazine. His previous books include JavaScript Step by Step, Third Edition (Microsoft Press, 2013), and MySQL Bible (Wiley, 2002).


Preface xix About the Author xxi Part I: Packet Filtering and Basic Security Measures 1 Chapter 1: Preliminary Concepts Underlying Packet-Filtering Firewalls 3 The OSI Networking Model 5 The Internet Protocol 7 Transport Mechanisms 14 Don't Forget Address Resolution Protocol 17 Hostnames and IP Addresses 18 Routing: Getting a Packet from Here to There 19 Service Ports: The Door to the Programs on Your System 19 Summary 23 Chapter 2: Packet-Filtering Concepts 25 A Packet-Filtering Firewall 26 Choosing a Default Packet-Filtering Policy 29 Rejecting versus Denying a Packet 31 Filtering Incoming Packets 31 Filtering Outgoing Packets 46 Private versus Public Network Services 49 Summary 50 Chapter 3: iptables : The Legacy Linux Firewall Administration Program 51 Differences between IPFW and Netfilter Firewall Mechanisms 51 Basic iptables Syntax 54 iptables Features 55 Iptables Syntax 61 Summary 82 Chapter 4: nftables : The Linux Firewall Administration Program 83 nftables Features 84 nftables Syntax 85 Summary 93 Chapter 5: Building and Installing a Standalone Firewall 95 The Linux Firewall Administration Programs 96 Initializing the Firewall 99 Protecting Services on Assigned Unprivileged Ports 112 Enabling Basic, Required Internet Services 117 Enabling Common TCP Services 122 Enabling Common UDP Services 134 Logging Dropped Incoming Packets 138 Logging Dropped Outgoing Packets 138 Installing the Firewall 139 Summary 141 Part II: Advanced Issues, Multiple Firewalls, and Perimeter Networks 143 Chapter 6: Firewall Optimization 145 Rule Organization 145 User-Defined Chains 148 Optimized Examples 151 What Did Optimization Buy? 176 Summary 177 Chapter 7: Packet Forwarding 179 The Limitations of a Standalone Firewall 179 Basic Gateway Firewall Setups 181 LAN Security Issues 182 Configuration Options for a Trusted Home LAN 183 Configuration Options for a Larger or Less Trusted LAN 188 Summary 195 Chapter 8: NAT-Network Address Translation 197 The Conceptual Background of NAT 197 NAT Semantics with iptables and nftables 201 Examples of SNAT and Private LANs 206 Examples of DNAT, LANs, and Proxies 209 Summary 210 Chapter 9: Debugging the Firewall Rules 211 General Firewall Development Tips 211 Listing the Firewall Rules 213 Interpreting the System Logs 217 Checking for Open Ports 223 Summary 227 Chapter 10: Virtual Private Networks 229 Overview of Virtual Private Networks 229 VPN Protocols 229 Linux and VPN Products 232 VPN and Firewalls 233 Summary 234 Part III: Beyond iptables and nftables 235 Chapter 11: Intrusion Detection and Response 237 Detecting Intrusions 237 Symptoms Suggesting That the System Might Be Compromised 238 What to Do If Your System Is Compromised 241 Incident Reporting 243 Summary 247 Chapter 12: Intrusion Detection Tools 249 Intrusion Detection Toolkit: Network Tools 249 Rootkit Checkers 251 Filesystem Integrity 255 Log Monitoring 256 How to Not Become Compromised 257 Summary 261 Chapter 13: Network Monitoring and Attack Detection 263 Listening to the Ether 263 TCPDump: A Simple Overview 265 Using TCPDump to Capture Specific Protocols 272 Automated Intrusion Monitoring with Snort 286 Monitoring with ARPWatch 291 Summary 293 Chapter 14: Filesystem Integrity 295 Filesystem Integrity Defined 295 Installing AIDE 296 Configuring AIDE 297 Monitoring AIDE for Bad Things 301 Cleaning Up the AIDE Database 302 Changing the Output of the AIDE Report 303 Defining Macros in AIDE 306 The Types of AIDE Checks 307 Summary 310 Part IV: Appendices 311 Appendix A: Security Resources 313 Security Information Sources 313 Reference Papers and FAQs 314 Appendix B: Firewall Examples and Support Scripts 315 iptables Firewall for a Standalone System from Chapter 5 315 nftables Firewall for a Standalone System from Chapter 5 328 Optimized iptables Firewall from Chapter 6 332 nftables Firewall from Chapter 6 345 Appendix C: Glossary 351 Appendix D: GNU Free Documentation License 363 0. Preamble 363 1. Applicability and Definitions 363 2. Verbatim Copying 365 3. Copying in Quantity 365 4. Modifications 366 5. Combining Documents 367 6. Collections of Documents 368 7. Aggregation with Independent Works 368 8. Translation 368 9. Termination 369 10. Future Revisions of this License 369 11. Relicensing 370 Index 371

Product Details

  • publication date: 29/01/2015
  • ISBN13: 9780134000022
  • Format: Paperback
  • Number Of Pages: 432
  • ID: 9780134000022
  • weight: 670
  • ISBN10: 0134000021
  • edition: 4th Revised edition

Delivery Information

  • Saver Delivery: Yes
  • 1st Class Delivery: Yes
  • Courier Delivery: Yes
  • Store Delivery: Yes

Prices are for internet purchases only. Prices and availability in WHSmith Stores may vary significantly