Troubleshooting Linux Firewalls - Shinn, Michael; Shinn, Scott

    Hardcover

Product description
Helps sys admins pinpoint the most often encountered problems with Linux firewalls and suggests causes and effective solutions.

Security experts Stephen Northcutt and Ed Skoudis have confirmed that there is a gap in existing books as far as diagnostics are concerned--this book fills that gap.

Shinn and Shinn are accomplished technologists and entrepreneurs with stellar credentials in security services--including positions at the White House.

Covers Red Hat and SuSE distributions.

While Linux firewalls are inexpensive and quite reliable, they lack the support component of their commercial counterparts. As a result, most users of Linux firewalls have to resort to mailing lists to solve their problems. Our authors have scoured firewall mailing lists and have compiled a list of the most often encountered problems in Linux firewalling. This book takes a Chilton's manual diagnostic approach to solving these problems. The book begins by presenting the two most common Linux firewall configurations and demonstrates how to implement these configurations in an imperfect network environment, not in an ideal one. Then, the authors proceed to present a methodology for analyzing each problem at various network levels: cabling, hardware components, protocols, services, and applications. The authors include diagnostic scripts which the readers can use to analyze and solve their particular Linux firewall problems. The reference distributions are Red Hat and SuSE (for the international market).

Back cover
Covers Red Hat and SUSE

When something goes wrong with your Linux firewall, you need to fix it--right now. You don't have time for endless newsgroup searches, confusing man pages, emails to the developers... it's an emergency! One book brings together all the step-by-step solutions and proven problem-solving techniques you'll need when the time comes: Troubleshooting Linux® Firewalls.

Authors Michael Shinn and Scott Shinn are among the world's leading firewall experts; they've even been hired to protect computer security at the White House. In this book, they cover every area where Linux firewalls can go wrong: rules and filtering problems, Layer 2/3/4 issues, trouble with individual services, DNS/DHCP failures, even misconfigured VPNs. They also present an easy, start-to-finish troubleshooting methodology that'll help you identify even the newest or most obscure firewall problem fast--and solve it!

Inside, you will find in-depth information on the following areas:

What you must know about iptables and netfilter to troubleshoot and avoid problems

Using loggers, sniffers, and other tools to diagnose even the most obscure firewall problems

Making sure your firewall rules work the way they're supposed to

Resolving problems with Network Address Translation and IP Forwarding

Troubleshooting SMTP, Apache, Squid, NFS, FTP, instant messaging, and other Web-based services

Finding and fixing common problems with IPsec VPN configuration

Making your firewalls more failure-resistant: recommendations from the experts

If you depend on a Linux firewall, what will you do if it goes down? With Troubleshooting Linux® Firewalls, you can be confident that the solutions are right at hand--so you can sleep at night!

© Copyright Pearson Education. All rights reserved.

I. GETTING STARTED.

1. Introduction.

Why We Wrote This Book

How This Book Is Organized

Goals of This Book

The Methodical Approach and the Need for a Methodology

Firewalls, Security, and Risk Management

How to Think About Risk Management

Computer Security Principles

Firewall Recommendations and Definitions

Why Do I Need a Firewall?

Do I Need More Than a Firewall?

What Kinds of Firewalls Are There?

Firewall Types

The Myth of Trustworthy or Secure Software

Know Your Vulnerabilities

Creating Security Policies

Training

Defense in Depth

Summary

2. Getting Started.

Risk Management

Basic Elements of Risk Management

Seven Steps to Managing Risk

Phase I: Analyze

Inventory

Quantify the Value of the Asset

Threat Analysis

Phase II: Document

Create Your Plan

Create a Security Policy

Create Security Procedures

Phase III: Secure the Enterprise

Implement Policies

Implement Procedures

Deploy Security Technology and Counter Measures

Securing the Firewall Itself

Isolating Assets

Filtering

Ingress/Egress Filtering

Phase IV: Implement Monitoring

Phase V: Test

Phase VI: Integrate

Phase VII: Improve

Summary

3. Local Firewall Security.

The Importance of Keeping Your Software Up to Date

yum

red carpet

up2date

emerge

apt-get

Over Reliance on Patching

Turning Off Services

Using TCP Wrappers and Firewall Rules

Running Services with Least Privilege

Restricting the File System

Security Tools to Install

Log Monitoring Tools

Network Intrusion Detection

Host Intrusion Detection

Remote Logging

Correctly Configure the Software You Are Using

Use a Hardened Kernel

Other Hardening Steps

Summary

4. Troubleshooting Methodology.

Problem Solving Methodology

Recognize, Define, and Isolate the Problem

Gather Facts

Define What the End State Should Be

Develop Possible Solutions and Create an Action Plan

Analyze and Compare Possible Solutions

Select and Implement the Solution

Critically Analyze the Solution for Effectiveness

Repeat the Process Until You Resolve the Problem

Finding the Answers or...Why Search Engines Are Your Friend

Websites

Summary

II. TOOLS AND INTERNALS.

5. The OSI Model: Start from the Beginning.

Internet Protocols at a Glance

Understanding the Internet Protocol (IP)

Understanding ICMP

Understanding TCP

Understanding UDP

Troubleshooting with This Perspective in Mind

Summary

6. netfilter and iptables Overview.

How netfilter Works

How netfilter Parses Rules

Netfilter States

What about Fragmentation?

Taking a Closer Look at the State Engine

Summary

7. Using iptables.

Proper iptables Syntax

Examples of How the Connection Tracking Engine Works

Applying What Has Been Covered So Far by Implementing Good Rules

Setting Up an Example Firewall

Kernel Options

iptables Modules

Firewall Rules

Quality of Service Rules

Port Scan Rules

Bad Flag Rules

Bad IP Options Rules

Small Packets and Rules to Deal with Them

Rules To Detect Data in Packets Using the String Module

Invalid Packets and Rules to Drop Them

A Quick Word on Fragments

SYN Floods

Polite Rules

Odd Port Detection and Rules to Deny Connections to Them

Silently Drop Packets You Don't Care About

Enforcement Rules

IP Spoofing Rules

Egress Filtering

Send TCP Reset for AUTH Connections

Playing Around with TTL Values

State Tracking Rules

STEALTH Rules

Shunning Bad Guys

ACCEPT Rules

Summary

8. A Tour of Our Collective Toolbox.

Old Faithful

Sniffers

Analyzing Traffic Utilization

Network Traffic Analyzers

Useful Control Tools

Network Probes

Probing Tools

Firewall Management and Rule Building

Summary

9. Diagnostics.

Diagnostic Logging

Scripts To Do This for You

The catch all Logging Rule

The iptables TRACE Patch
  • Product details
  • Publisher: Addison-Wesley Longman, Amsterdam
  • Number of pages: 369
  • Publication date: December 2004
  • English
  • Dimensions: 232mm x 175mm x 18mm
  • Weight: 565g
  • ISBN-13: 9780321227232
  • ISBN-10: 0321227239
  • Item no.: 13583532