Book description
NoneTable of contents
- About This eBook
- Title Page
- Copyright Page
- Dedication Page
- Contents at a Glance
- Contents
- Preface
- About the Author
-
I. Packet Filtering and Basic Security Measures
- 1. Preliminary Concepts Underlying Packet-Filtering Firewalls
- 2. Packet-Filtering Concepts
- 3. iptables: The Legacy Linux Firewall Administration Program
- 4. nftables: The Linux Firewall Administration Program
-
5. Building and Installing a Standalone Firewall
- The Linux Firewall Administration Programs
-
Initializing the Firewall
- Symbolic Constants Used in the Firewall Examples
- Enabling Kernel-Monitoring Support
- Removing Any Preexisting Rules
- Resetting Default Policies and Stopping the Firewall
- Enabling the Loopback Interface
- Defining the Default Policy
- Using Connection State to Bypass Rule Checking
- Source Address Spoofing and Other Bad Addresses
- Protecting Services on Assigned Unprivileged Ports
- Enabling Basic, Required Internet Services
- Enabling Common TCP Services
- Enabling Common UDP Services
- Logging Dropped Incoming Packets
- Logging Dropped Outgoing Packets
- Installing the Firewall
- Summary
-
II. Advanced Issues, Multiple Firewalls, and Perimeter Networks
-
6. Firewall Optimization
- Rule Organization
- User-Defined Chains
-
Optimized Examples
- The Optimized iptables Script
- Firewall Initialization
- Installing the Chains
- Building the User-Defined EXT-input and EXT-output Chains
- tcp-state-flags
- connection-tracking
- local-dhcp-client-query and remote-dhcp-server-response
- source-address-check
- destination-address-check
- Logging Dropped Packets with iptables
- The Optimized nftables Script
- Firewall Initialization
- Building the Rules Files
- Logging Dropped Packets with nftables
- What Did Optimization Buy?
- Summary
- 7. Packet Forwarding
- 8. NAT—Network Address Translation
- 9. Debugging the Firewall Rules
- 10. Virtual Private Networks
-
6. Firewall Optimization
-
III. Beyond iptables and nftables
- 11. Intrusion Detection and Response
- 12. Intrusion Detection Tools
- 13. Network Monitoring and Attack Detection
- 14. Filesystem Integrity
- IV. Appendices
- Index
- Code Snippets
Product information
- Title: Linux® Firewalls: Enhancing Security with nftables and Beyond, Fourth Edition
- Author(s):
- Release date:
- Publisher(s): Addison-Wesley Professional
- ISBN: None
You might also like
book
Network Security, Firewalls, and VPNs, 3rd Edition
Network Security, Firewalls, and VPNs, third Edition provides a unique, in-depth look at the major business …
book
Mastering Linux Security and Hardening - Second Edition
A comprehensive guide to securing your Linux system against cyberattacks and intruders Key Features Deliver a …
book
Mastering Linux Security and Hardening - Third Edition
Gain a firm practical understanding of how to secure your Linux system from intruders, malware attacks, …
book
CCNP Security Virtual Private Networks SVPN 300-730 Official Cert Guide
Trust the best-selling Official Cert Guide series from Cisco Press to help you learn, prepare, and …