Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection system (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:

  • Passive network authentication and OS fingerprinting
  • iptables log analysis and policies
  • Application layer attack detection with the iptables string match extension
  • Building an iptables ruleset that emulates a Snort ruleset
  • Port knocking vs. Single Packet Authorization (SPA)
  • Tools for visualizing iptables logs

Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables, along with psad and fwsnort, to detect and even prevent compromises.

About the Author

Michael Rash is a Security Architect on the Dragon Intrusion Detection System with Enterasys Networks, Inc., and is a frequent contributor to open source projects. As the creator of psad, fwknop, and fwsnort, Rash is an expert on firewalls, IDSs, OS fingerprinting, and the Snort rules language. He is co-author of the book Snort 2.1 Intrusion Detection, lead author and technical editor of the book Intrusion Prevention and Active Response, and has written security articles for Linux Journal, SysAdmin, and ;login:.
