| Review: |
An intrusion detection system (IDS) and a firewall enable you to proactively monitor network traffic for signs of an attack and proactively deny access. Here Michael Rash discusses the technical details of the iptables firewall and Netfilter framework that are built into the Linux kernel and explains how they provide strong filtering, Network Address Translation, state tracking, and application layer inspection capabilities that rival many commercial tools. He explains how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop. |