Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection system (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:

  • Passive network authentication and OS fingerprinting
  • iptables log analysis and policies
  • Application layer attack detection with the iptables string match extension
  • Building an iptables ruleset that emulates a Snort ruleset
  • Port knocking vs. Single Packet Authorization (SPA)
  • Tools for visualizing iptables logs

Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables, along with psad and fwsnort, to detect and even prevent compromises.

About the Author
Michael Rash is a Security Architect on the Dragon Intrusion Detection System with Enterasys Networks, Inc., and is a frequent contributor to open source projects. As the creator of psad, fwknop, and fwsnort, Rash is an expert on firewalls, IDSs, OS fingerprinting, and the Snort rules language. He is co-author of the book Snort 2.1 Intrusion Detection, lead author and technical editor of the book Intrusion Prevention and Active Response, and has written security articles for Linux Journal, SysAdmin, and ;login:.

    ©2018 LearnIT (support@pdfchm.net) - Privacy Policy