Linux Firewalls: Enhancing Security with nftables and Beyond, 4th Edition

About

Features

• Presents definitive, up-to-the-minute coverage of nftables, IPv6 and wireless firewalls, and VPNs
• Reflects extensive updates to iptables, next-generation security tools such as Samhain and rkhunter, and new security techniques such as port knocking
• Advanced coverage includes hardening the Linux kernel to enhance security
• Content is distribution neutral, updated for the latest Linux Kernel, and supported with Red Hat, SUSE, and Debian code examples

Description

The Definitive Guide to Building Firewalls with Linux

As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux^® Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security.

An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more.

Distribution neutral throughout, this edition is fully updated for today’s Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you’re a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise.

Inside, you’ll find just what you need to

• Install, configure, and update a Linux firewall running either iptables or nftables
• Migrate to nftables, or take advantage of the latest iptables enhancements
• Manage complex multiple firewall configurations
• Create, debug, and optimize firewall rules
• Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions
• Harden systems against port scanning and other attacks
• Uncover exploits such as rootkits and backdoors with chkrootkit

Extras

Author's Site

Please visit the author's site here

Sample Content

Sample Pages

Download the sample pages (includes Chapter 2 and Index)

Table of Contents

• Part I: Packet Filtering and Basic Security Measures
• Chapter 1: Preliminary Concepts Underlying Packet-Filtering Firewalls        
• Chapter 2: Packet-Filtering Concepts         
• Chapter 3: iptables : The Legacy Linux Firewall Administration Program        
• Chapter 4: nftables : The Linux Firewall Administration Program        
• Chapter 5: Building and Installing a Standalone Firewall        
• Part II: Advanced Issues, Multiple Firewalls, and Perimeter Networks       
• Chapter 6:  Firewall Optimization         
• Chapter 7:  Packet Forwarding         
• Chapter 8:  NAT–Network Address Translation         
• Chapter 9: Debugging the Firewall Rules          
• Chapter 10: Virtual Private Networks         
• Part III: Beyond iptables  and nftables         
• Chapter 11: Intrusion Detection and Response         
• Chapter 12:  Intrusion Detection Tools         
• Chapter 13:  Network Monitoring and Attack Detection         
• Chapter 14:  Filesystem Integrity         
• Part IV: Appendices         
• Appendix A:  Security Resources         
• Appendix B:  Firewall Examples and Support Scripts         
• Appendix C: Glossary         
• Appendix D: GNU Free Documentation License         
• Index      

Updates

Submit Errata