Linux Firewalls
how to design and implement a firewall and intrusion detection system
System administrators need to stay ahead of new security vulnerabilities daily, and tech book publisher No Starch Press (nostarch.com) wants to help. Their latest publication, Linux Firewalls, by security expert Michael Rash, is designed to show sys admins how to design and implement a firewall and intrusion detection system (IDS) that will proactively deny access and monitor network traffic for signs of attack.
"Linux Firewalls is a great book." - Richard Bejtlich of taosecurity.com, in the Foreword to Linux Firewalls
Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel. "This book will really do its part to move the field of firewalling forward," said No Starch Press publisher Bill Pollock. "We didn't want to publish just any firewalls book; we wanted to publish a groundbreaking one. Sure, almost anyone can build a simple firewall, but it's not easy to build a robust firewall. That's where Linux Firewalls comes in."
Rash shows how to use iptables and Netfilter to provide strong filtering, NAT (network address translation), state tracking, and application layer inspection capabilities that rival many commercial tools. Readers learn how to use psad and fwsnort to deploy iptables as an IDS and how to use fwknop to build a strong, passive authentication layer around iptables. Readers will find coverage of:
* Application layer attack detection with the iptables string match extension and fwsnort
* Building an iptables ruleset that emulates a Snort ruleset
* Port knocking versus single packet authorization (SPA)
* Tools for visualizing iptables logs
* Passive OS fingerprinting with iptables
Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more. Perl and C code snippets offer practical examples that help sys admins maximize their deployment of Linux firewalls.
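Two of the topics listed above, iptables log analysis and passive OS fingerprinting from logged packets, in one short worked example. This is an added illustration and not code from the book, from psad or from fwsnort: it parses the key=value lines the iptables LOG target writes to syslog, flags a source whose SYN packets probe many distinct TCP ports, guesses the sender's OS from the initial TTL and TCP window of its SYNs, and renders a per-source packet histogram. The sample log lines are constructed, and the two-entry signature table is an assumption standing in for a real fingerprint database such as the one psad ships.

```python
"""Analyze iptables LOG-target output: parse, detect port scans, fingerprint OS."""
import re
from collections import defaultdict

# Constructed sample syslog lines, as the kernel writes them for a rule such as
# '-A INPUT -j LOG --log-prefix "DROP "'. Not captured from any real host.
SAMPLE_LOG = """\
Mar  3 14:02:11 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31337 DF PROTO=TCP SPT=40000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:02:11 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31338 DF PROTO=TCP SPT=40001 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:02:12 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31339 DF PROTO=TCP SPT=40002 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:02:12 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31340 DF PROTO=TCP SPT=40003 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:02:13 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31341 DF PROTO=TCP SPT=40004 DPT=443 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:02:13 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=31342 DF PROTO=TCP SPT=40005 DPT=3306 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 14:03:40 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=777 DF PROTO=TCP SPT=1055 DPT=445 WINDOW=65535 RES=0x00 SYN URGP=0
Mar  3 14:04:02 fw kernel: DROP IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.23 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=121 ID=778 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
"""

# Everything after "kernel:" up to the first "IN=" is the rule's --log-prefix.
KERNEL_RE = re.compile(r"kernel:\s*(?P<prefix>.*?)\s*(?P<body>IN=.*)$")

def parse_line(line):
    """Return a dict of the packet's fields, or None if the line is not an iptables log."""
    m = KERNEL_RE.search(line)
    if not m:
        return None
    rec = {"PREFIX": m.group("prefix"), "FLAGS": set()}
    for tok in m.group("body").split():
        if "=" in tok:
            key, val = tok.split("=", 1)
            rec.setdefault(key, val)   # ICMP lines repeat ID=; keep the IP header's
        else:
            rec["FLAGS"].add(tok)      # bare tokens: DF, SYN, ACK, RST, ...
    return rec

def is_syn(rec):
    """True for an initial TCP connection attempt (SYN set, ACK clear)."""
    return rec.get("PROTO") == "TCP" and "SYN" in rec["FLAGS"] and "ACK" not in rec["FLAGS"]

def detect_scans(records, min_ports=5):
    """Sources whose SYNs hit at least min_ports distinct destination ports."""
    ports = defaultdict(set)
    for rec in records:
        if is_syn(rec):
            ports[rec["SRC"]].add(int(rec["DPT"]))
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}

# Illustrative (initial TTL, TCP window) signatures: an assumption for this
# example, standing in for a real fingerprint database such as psad's.
OS_SIGNATURES = {
    (64, 5840): "Linux 2.6 (example signature)",
    (128, 65535): "Windows XP/2003 (example signature)",
}

def initial_ttl(observed):
    """Round the observed TTL up to the nearest common initial value; the hop count is unknown."""
    for start in (32, 64, 128, 255):
        if observed <= start:
            return start
    return observed

def guess_os(rec):
    """Guess the sender's OS from a logged SYN; None for anything that is not a SYN."""
    if not is_syn(rec):
        return None
    key = (initial_ttl(int(rec["TTL"])), int(rec["WINDOW"]))
    return OS_SIGNATURES.get(key, "unknown")

def top_sources(records):
    """(source, packet count) pairs, busiest first: the raw material for a histogram."""
    counts = defaultdict(int)
    for rec in records:
        counts[rec["SRC"]] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))

def histogram(pairs, width=40):
    """Render top_sources() output as an ASCII bar chart."""
    scale = width / max(n for _, n in pairs) if pairs else 0
    return "\n".join(f"{src:>15} {'#' * int(n * scale):<{width}} {n}" for src, n in pairs)

def analyze(text):
    """Parse a block of syslog text and summarize scans, OS guesses and top sources."""
    records = [r for r in map(parse_line, text.splitlines()) if r]
    return {
        "records": len(records),
        "scans": detect_scans(records),
        "os": {r["SRC"]: guess_os(r) for r in records if is_syn(r)},
        "top": top_sources(records),
    }

if __name__ == "__main__":
    summary = analyze(SAMPLE_LOG)
    for src, ports in summary["scans"].items():
        print(f"scan from {src}: ports {ports}")
    for src, name in summary["os"].items():
        print(f"{src} looks like {name}")
    print(histogram(summary["top"]))
```

The TTL rounding is the usual caveat in passive fingerprinting: the firewall sees the TTL after an unknown number of hops, so 58 is read as a Linux-style initial 64 and 121 as a Windows-style 128. Real tools also fold in the TCP options (MSS, window scale, SACK) that iptables records only when the LOG rule uses --log-tcp-options, which this sample does not.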
Administrators tasked with keeping a network secure will find Linux Firewalls invaluable in their efforts to understand attacks and use iptables to detect and prevent compromises.
Michael Rash is a security architect with Enterasys Networks, Inc., where he develops the Dragon intrusion detection and prevention system. He is a frequent contributor to open source projects and the creator of psad, fwknop, and fwsnort. Rash is an expert on firewalls, intrusion detection systems, passive OS fingerprinting, and the Snort rules language. He is co-author of Snort 2.1 Intrusion Detection (Syngress, 2004) and author of Intrusion Prevention and Active Response (Syngress, 2005), and he has written security articles for Linux Journal, Sys Admin magazine, and ;login:.
Linux Firewalls
Attack Detection and Response with iptables, psad, and fwsnort
by Michael Rash
Download Chapter 10, "Deploying fwsnort," (PDF)
ABOUT NO STARCH PRESS: Founded in 1994, No Starch Press is one of the few remaining independent computer book publishers. We publish the finest in geek entertainment -- unique books on technology, with a focus on Open Source, security, hacking, programming, alternative operating systems, and LEGO. Our titles have personality, our authors are passionate, and our books tackle topics that people care about. See www.nostarch.com for more information and our complete online catalog. (And most No Starch Press books use RepKover, a lay-flat binding that won't snap shut.)