000 05556cam a22004094a 4500
001 ocm00000389
005 20240430143926.0
008 050915s2002 inua 001 0 eng
010 _a 00111389
020 _a0735710996 :
_c49.99
040 _aDLC
_cDLC
_dDLC
042 _apcc
050 0 0 _aQA76.9.A25
_bZ54 2002
069 _a09707115
090 _aQA 76.9 .A25 Z54 2002
100 1 _aZiegler, Robert L.
_q(Robert Loren),
_d1954-
_971366
245 1 0 _aLinux firewalls /
_cRobert L. Ziegler, Carl B. Constantine.
250 _a2nd ed.
260 _aIndianapolis, IN :
_bNew Riders,
_c2002.
300 _axxiii, 562 p. :
_bill. ;
_c23 cm.
500 _aIncludes index.
505 0 _aPacket-Filtering and Basic Security Measures -- Preliminary Concepts Underlying Packet-Filtering Firewalls -- The TCP/IP Reference Networking Model -- IP Addresses -- Routing: Getting a Packet from Here to There -- Service Ports: The Door to the Programs on Your System -- Packets: IP Network Messages -- Packet-Filtering Concepts -- A Packet-Filtering Firewall -- Choosing a Default Packet-Filtering Policy -- Rejecting Versus Denying a Packet -- Filtering Incoming Packets -- Filtering Outgoing Packets -- Private versus Public Network Services -- iptables: The Linux Firewall Administration Program -- Differences Between IPFW and Netfilter Firewall Mechanisms -- iptables Features -- iptables Syntax -- Building and Installing a Standalone Firewall -- iptables: The Linux Firewall Administration Program -- Initializing the Firewall -- Protecting Services on Assigned Unprivileged Ports -- Enabling Basic, Required Internet Services -- Enabling Common TCP Services -- Enabling Common UDP Services -- Filtering ICMP Control and Status Messages -- Logging Dropped Incoming Packets -- Logging Dropped Outgoing Packets -- Denying Access to Problem Sites Up Front -- Installing the Firewall -- Advanced Issues, Multiple Firewalls, and Perimeter Networks -- Firewall Optimization -- Rule Organization -- User-Defined Chains -- Optimized Example -- What Did Optimization Buy?
-- Packet Forwarding -- The Limitations of a Standalone Firewall -- Basic Gateway Firewall Setups -- LAN Security Issues -- Configuration Options for a Trusted Home LAN -- Configuration Options for a Larger or Less Trusted LAN -- A Formal Screened-Subnet Firewall -- Converting the Gateway from Local Services to Forwarding -- NAT--Network Address Translation -- The Conceptual Background of NAT -- iptables NAT Semantics -- Examples of SNAT and Private LANs -- Examples of DNAT, LANs, and Proxies -- Debugging the Firewall Rules -- General Firewall-Development Tips -- Listing the Firewall Rules -- Checking the Input, Output, and Forwarding Rules -- Checking for Open Ports -- Debugging SSH: A Real-Life Example -- System-Level Security and Monitoring -- Verifying That the System Is Running as You Expect -- Checking the Network Interfaces with ifconfig -- Checking the Network Connection with ping -- Checking Network Processes with netstat -- Checking a Process Bound to a Particular Port with fuser -- Checking All Processes with ps -ax -- Interpreting the System Logs -- Issues at the UNIX System Administration Level -- Authentication: Verifying Identity -- Authorization: Defining Access Rights to Identities -- Server-Specific Configuration -- SOCKS: An Application-Level Proxy Firewall -- Miscellaneous System Accounts in /etc/passwd, /etc/shadow, and /etc/group -- Setting Your PATH Variable -- /etc/issue.net -- Remote Logging -- Keeping Current with Software Upgrades -- Secure Shell (SSH) -- Installing SSH -- Generating SSH Keys -- Using SSH -- Customizing Your SSH Configuration -- Secure Copy (scp) -- Tripwire -- Installing Tripwire -- Looking at How Tripwire Works -- Configuring Tripwire -- Intrusion Detection and Incident Reporting Software -- Intrusion-Detection Software -- Symptoms Suggesting That the System Might Be Compromised -- What to Do if Your System Is Compromised -- Incident Reporting -- Security Resources -- Security Information Sources -- Software Collections
-- Security Tools -- Firewall Tools -- Firewall Examples and Support Scripts -- iptables Firewall for a Standalone System from Chapter 4 -- Optimized iptables Firewall from Chapter 5 -- iptables Firewall for a Choke Firewall from Chapter 6 -- Special Purpose Support Scripts -- DHCP and pump: Firewall Support with a Dynamic IP Address and Name Servers -- VPN -- Overview of Virtual Private Networks (VPN) -- Types of VPN -- VPN Protocols -- Linux and VPN Products -- VPN Configurations -- Connecting Networks -- VPN and Firewalls.
520 0 _aUpdating the highly successful first edition to cover the Linux 2.4 kernel. Author Ziegler is a router security architect who is well respected in the Open Source community as a firewall expert. Includes extensive coverage of iptables, the biggest additional change to the 2.4 kernel.
630 0 0 _aLinux.
_971367
650 0 _aComputers
_xAccess control.
_971368
650 0 _aFirewalls (Computer security)
_971369
650 0 _aOperating systems (Computers)
_9199
700 1 _aConstantine, Carl B.
_963246
852 _9p49.99
_y07-10-2002
907 _a12663
_b08-06-10
_c08-06-10
942 _cBOOK
_00
998 _aaudmc
_b07-10-02
_cm
_da
_e-
_feng
_ginu
_h0
935 _aPR10321
945 _g0
_i628172
_j0
_laudmc
_nCopy Type:01 - Books
_o-
_p183.71
_q-
_r-
_s-
_t1
_u0
_v0
_w0
_x0
_yi10180291
_z08-06-10
999 _c12663
_d12663