Jump to ratings and reviews
Rate this book

Linux Firewalls: Enhancing Security with Nftables and Beyond

Rate this book
The Definitive Guide to Building Firewalls with Linux As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux(R) Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security. An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more. Distribution neutral throughout, this edition is fully updated for today's Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you're a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise. Inside, you'll find just what you need to Install, configure, and update a Linux firewall running either iptables or nftables Migrate to nftables, or take advantage of the latest iptables enhancements Manage complex multiple firewall configurations Create, debug, and optimize firewall rules Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions Harden systems against port scanning and other attacks Uncover exploits such as rootkits and backdoors with chkrootkit

432 pages, CD-ROM

First published September 24, 2005

7 people are currently reading
35 people want to read

About the author

Steve Suehring

36 books1 follower

Ratings & Reviews

What do you think?
Rate this book

Friends & Following

Create a free account to discover what your friends think of this book!

Community Reviews

5 stars
3 (15%)
4 stars
12 (60%)
3 stars
5 (25%)
2 stars
0 (0%)
1 star
0 (0%)
Displaying 1 - 3 of 3 reviews
227 reviews1 follower
November 7, 2018
Wszystko o iptables i nftables aż do bólu. Ale głównie o tym, chociaż jest też o zabezpieczeniach sieci.
Profile Image for Jascha.
151 reviews
June 13, 2015
Ever since the early 90s, when the Internet phenomenon exploded, security became an issue, since the number of exposed machines grown exponentially. This also led to an inevitable increase in the amount of books being written on the subject, thousands and thousands of pages targeting both simple end users, interested in protecting their home LAN, and network administrators, responsible to keep the gates of huge castles and companies well guarded against dragons and hackers. Among them, Linux Firewalls definitely stands out, both for its quality and readability. Despite being 10 years old, it still represents a must have for any network and system administrator interested in learning how to defend the perimeter.

Definitely targeting network professionals, on the contrary of many titles out there, Linux Firewalls tackles security from all sides. True, it is a text mainly focused on iptables, but it's not a reference, which is what the official man pages have been written for. The authors do instead cover security in a broad sense, from designing secure networks, depending on size and value of the services being protected, up to security incident response.

Throughout the three parts of the book (which is actually made of four parts, considering the appendixes), we make the acquaintance of iptables through an example that, overall, is a good starting point for the reader to build upon its own firewall configuration. Each and every network protocol (ok, not every protocol...) is analyzed individually from the perspective of the gateway firewall. The authors share their expertise and show us the challenges we network administrators must face when that specific service is served either locally or remotely and how securely iptables can control it, if it can.

Talking about shared expertise, I have particularly enjoyed the emphasis that the authors give not only to preventing malicious traffic from entering our network, but also to preventing it from leaving our gates, be it purposely generated or not. The chapters dedicated to investigating and reporting successful intrusions were ice on the cake.

It's pretty hard to find something wrong with this title. If I must, well I think that more space should have been dedicated to both NAT and mangle tables. True, NAT has its own chapter dedicated but still, overall, they are really given a small share of the cake.

A must have for any system/network administrator willing to understand how to secure his perimeter. This text is more than just firewalling; it's a concentrate of precious notes from a veteran to avoid newbies pitfalls. It definitely deserves an honored place in the bookshelf.

As usual, you can find more reviews on my personal blog: http://books.lostinmalloc.com Feel free to pass by and share your thoughts!
Displaying 1 - 3 of 3 reviews

Can't find what you're looking for?

Get help and learn more about the design.