Linux iptables Pocket Reference

Firewalls, NAT & Accounting

Author: Gregor N. Purdy

Publisher: "O'Reilly Media, Inc."

ISBN: 9781449378981

Category: Computers

Page: 98

View: 3519

Firewalls, Network Address Translation (NAT), network logging and accounting are all provided by Linux's Netfilter system, also known by the name of the command used to administer it, iptables. The iptables interface is the most sophisticated ever offered on Linux and makes Linux an extremely flexible system for any kind of network filtering you might do. Large sets of filtering rules can be grouped in ways that make it easy to test them and turn them on and off. Do you watch for all types of ICMP traffic--some of them quite dangerous? Can you take advantage of stateful filtering to simplify the management of TCP connections? Would you like to track how much traffic of various types you get? This pocket reference will help you at those critical moments when someone asks you to open or close a port in a hurry, either to enable some important traffic or to block an attack. The book will keep the subtle syntax straight and help you remember all the values you have to enter in order to be as secure as possible. The book has an introductory section that describes applications, followed by a reference/encyclopaedic section with all the matches and targets arranged alphabetically.

Linux Firewalls

Enhancing Security with nftables and Beyond

Author: Steve Suehring

Publisher: Addison-Wesley Professional

ISBN: 0134000196

Category: Computers

Page: 432

View: 8613

The Definitive Guide to Building Firewalls with Linux
As the security challenges facing Linux system and network administrators have grown, the security tools and techniques available to them have improved dramatically. In Linux® Firewalls, Fourth Edition, long-time Linux security expert Steve Suehring has revamped his definitive Linux firewall guide to cover the important advances in Linux security. An indispensable working resource for every Linux administrator concerned with security, this guide presents comprehensive coverage of both iptables and nftables. Building on the solid networking and firewalling foundation in previous editions, it also adds coverage of modern tools and techniques for detecting exploits and intrusions, and much more. Distribution neutral throughout, this edition is fully updated for today’s Linux kernels, and includes current code examples and support scripts for Red Hat/Fedora, Ubuntu, and Debian implementations. If you’re a Linux professional, it will help you establish an understanding of security for any Linux system, and for networks of all sizes, from home to enterprise. Inside, you’ll find just what you need to:
• Install, configure, and update a Linux firewall running either iptables or nftables
• Migrate to nftables, or take advantage of the latest iptables enhancements
• Manage complex multiple firewall configurations
• Create, debug, and optimize firewall rules
• Use Samhain and other tools to protect filesystem integrity, monitor networks, and detect intrusions
• Harden systems against port scanning and other attacks
• Uncover exploits such as rootkits and backdoors with chkrootkit

OSSEC Host-Based Intrusion Detection Guide

Author: Rory Bray,Daniel Cid,Andrew Hay

Publisher: Syngress

ISBN: 9780080558776

Category: Computers

Page: 416

View: 2681

This book is the definitive guide on the OSSEC Host-based Intrusion Detection system and frankly, to really use OSSEC you are going to need a definitive guide. Documentation has been available since the start of the OSSEC project but, due to time constraints, no formal book has been created to outline the various features and functions of the OSSEC product. This has left very important and powerful features of the product undocumented...until now! The book you are holding will show you how to install and configure OSSEC on the operating system of your choice and provide detailed examples to help prevent and mitigate attacks on your systems. -- Stephen Northcutt OSSEC determines if a host has been compromised in this manner by taking the equivalent of a picture of the host machine in its original, unaltered state. This "picture" captures the most relevant information about that machine's configuration. OSSEC saves this "picture" and then constantly compares it to the current state of that machine to identify anything that may have changed from the original configuration. Now, many of these changes are necessary, harmless, and authorized, such as a system administrator installing a new software upgrade, patch, or application. But, then there are the not-so-harmless changes, like the installation of a rootkit, trojan horse, or virus. Differentiating between the harmless and the not-so-harmless changes determines whether the system administrator or security professional is managing a secure, efficient network or a compromised network which might be funneling credit card numbers out to phishing gangs or storing massive amounts of pornography creating significant liability for that organization. Separating the wheat from the chaff is by no means an easy task. Hence the need for this book. The book is co-authored by Daniel Cid, who is the founder and lead developer of the freely available OSSEC host-based IDS. 
As such, readers can be certain they are reading the most accurate, timely, and insightful information on OSSEC.
* Nominee for Best Book Bejtlich read in 2008! * http://taosecurity.blogspot.com/2008/12/best-book-bejtlich-read-in-2008.html
• Get Started with OSSEC: Get an overview of the features of OSSEC including commonly used terminology, pre-install preparation, and deployment considerations.
• Follow Step-by-Step Installation Instructions: Walk through the installation process for the "local", "agent", and "server" install types on some of the most popular operating systems available.
• Master Configuration: Learn the basic configuration options for your install type and learn how to monitor log files, receive remote messages, configure email notification, and configure alert levels.
• Work With Rules: Extract key information from logs using decoders and how you can leverage rules to alert you of strange occurrences on your network.
• Understand System Integrity Check and Rootkit Detection: Monitor binary executable files, system configuration files, and the Microsoft Windows registry.
• Configure Active Response: Configure the active response actions you want and bind the actions to specific rules and sequence of events.
• Use the OSSEC Web User Interface: Install, configure, and use the community-developed, open source web interface available for OSSEC.
• Play in the OSSEC VMware Environment Sandbox
• Dig Deep into Data Log Mining: Take the "high art" of log analysis to the next level by breaking the dependence on the lists of strings or patterns to look for in the logs.

SELinux Cookbook

Author: Sven Vermeulen

Publisher: Packt Publishing Ltd

ISBN: 178398967X

Category: Computers

Page: 240

View: 2529

If you are a Linux system administrator or a Linux-based service administrator and want to fine-tune SELinux to implement a supported, mature, and proven access control system, then this book is for you. Basic experience with SELinux enabled distributions is expected.

Snort 2.1 Intrusion Detection, Second Edition

Author: Brian Caswell,Jay Beale

Publisher: Elsevier

ISBN: 9780080480992

Category: Computers

Page: 608

View: 5984

Called "the leader in the Snort IDS book arms race" by Richard Bejtlich, top Amazon reviewer, this brand-new edition of the best-selling Snort book covers all the latest features of a major upgrade to the product and includes a bonus DVD with Snort 2.1 and other utilities. Written by the same lead engineers of the Snort Development team, this will be the first book available on the major upgrade from Snort 2 to Snort 2.1 (in this community, major upgrades are noted by .x and not by full number upgrades as in 2.0 to 3.0). Readers will be given invaluable insight into the code base of Snort, and in-depth tutorials of complex installation, configuration, and troubleshooting scenarios. Snort has three primary uses: as a straight packet sniffer, a packet logger, or as a full-blown network intrusion detection system. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes. Snort uses a flexible rules language to describe traffic that it should collect or pass, a detection engine that utilizes a modular plug-in architecture, and a real-time alerting capability. A CD containing the latest version of Snort as well as other up-to-date Open Source security utilities will accompany the book. Snort is a powerful Network Intrusion Detection System that can provide enterprise wide sensors to protect your computer assets from both internal and external attack.
* Completely updated and comprehensive coverage of Snort 2.1
* Includes free CD with all the latest popular plug-ins
* Provides step-by-step instruction for installing, configuring and troubleshooting

Practical Packet Analysis, 3E

Using Wireshark to Solve Real-World Network Problems

Author: Chris Sanders

Publisher: No Starch Press

ISBN: 1593278292

Category: Computers

Page: 368

View: 1541

It’s easy to capture packets with Wireshark, the world’s most popular network sniffer, whether off the wire or from the air. But how do you use those packets to understand what’s happening on your network? Updated to cover Wireshark 2.x, the third edition of Practical Packet Analysis will teach you to make sense of your packet captures so that you can better troubleshoot network problems. You’ll find added coverage of IPv6 and SMTP, a new chapter on the powerful command line packet analyzers tcpdump and TShark, and an appendix on how to read and reference packet values using a packet map. Practical Packet Analysis will show you how to: –Monitor your network in real time and tap live network communications –Build customized capture and display filters –Use packet analysis to troubleshoot and resolve common network problems, like loss of connectivity, DNS issues, and slow speeds –Explore modern exploits and malware at the packet level –Extract files sent across a network from packet captures –Graph traffic patterns to visualize the data flowing across your network –Use advanced Wireshark features to understand confusing captures –Build statistics and reports to help you better explain technical network information to non-techies No matter what your level of experience is, Practical Packet Analysis will show you how to use Wireshark to make sense of any network and get things done.

The Book of Xen

A Practical Guide for the System Administrator

Author: Chris Takemura,Luke S. Crawford

Publisher: No Starch Press

ISBN: 1593271867

Category: Computers

Page: 312

View: 2484

Xen allows administrators to run many virtual operating systems on one physical server, including Linux, BSD, OpenSolaris, and Microsoft Windows. In the process, users save money on hardware, maintenance, and electricity. Not only is Xen open source, the Xen hypervisor (the virtual machine monitor) is the best-performing hypervisor available. "The Book of Xen" explains everything a sysadmin needs to know to use this powerful technology, with coverage of installation, networking, virtualized storage, and managing guest and host operating systems. Written for administrators who have worked with *NIX before but who may be new to virtualization, "The Book of Xen" covers both the basics and the trickier aspects of Xen administration, like profiling and benchmarks, migration, XenSource administration, and hardware assisted virtualization (HVM).

Cisco Routers for the Desperate, 2nd Edition

Router Management, the Easy Way

Author: Michael W. Lucas

Publisher: No Starch Press

ISBN: 1593272235

Category: Computers

Page: 144

View: 2322

Cisco routers and switches are the cornerstones of many networks. But when things break, repairs can intimidate even the most competent administrator. Luckily, just knowing the "in case of emergency" basics will take you far. Just like the original, this second edition of the highly acclaimed Cisco Routers for the Desperate is written for the administrator in crisis mode. Updated to cover switches and the latest Cisco terminology, with a tighter focus on the needs of the small network administrator, this second edition gives you what you need to know to provide reliable network services and fix problems fast. You'll find coverage of: –Installation—how to get your router and network connections up and running right the first time –Troubleshooting routers and switches, so that you can determine whether your hardware or the Internet is broken –Security concerns, like how to keep your network equipment safe from hackers and install a private network between two offices –How to implement basic network redundancy to reduce the risk of network downtime Cisco Routers for the Desperate, 2nd Edition is designed to be read once and left alone until something breaks. When it does, you'll have everything you need to know in one easy-to-follow guidebook.

Pro Linux System Administration

Learn to Build Systems for Your Business Using Free and Open Source Software

Author: Dennis Matotek,James Turnbull,Peter Lieverdink

Publisher: Apress

ISBN: 1484220080

Category: Computers

Page: 998

View: 4738

Implement a SOHO or SMB Linux infrastructure to expand your business and associated IT capabilities. Backed by the expertise and experienced guidance of the authors, this book provides everything you need to move your business forward. Pro Linux System Administration makes it easy for small- to medium–sized businesses to enter the world of zero–cost software running on Linux and covers all the distros you might want to use, including Red Hat, Ubuntu, Debian, and CentOS. Pro Linux System Administration takes a layered, component–based approach to open source business systems, while training system administrators as the builders of business infrastructure. Completely updated for this second edition, Dennis Matotek takes you through an infrastructure-as-code approach, seamlessly taking you through steps along the journey of Linux administration with all you need to master complex systems. This edition now includes Jenkins, Ansible, Logstash and more.
What You'll Learn:
• Understand Linux architecture
• Build, back up, and recover Linux servers
• Create basic networks and network services with Linux
• Build and implement Linux infrastructure and services including mail, web, databases, and file and print
• Implement Linux security
• Resolve Linux performance and capacity planning issues
Who This Book Is For: Small to medium–sized business owners looking to run their own IT, system administrators considering migrating to Linux, and IT systems integrators looking for an extensible Linux infrastructure management approach.

Linux Firewalls

Author: Robert Loren Ziegler,Carl B. Constantine

Publisher: Sams Publishing

ISBN: 9780735710993

Category: Computers

Page: 562

View: 4243

Updating the highly successful first edition to cover the Linux 2.4 kernel. Author Ziegler is a router security architect who is well respected in the Open Source community as a firewall expert. Includes extensive coverage of iptables, the biggest additional change to the 2.4 kernel.

Firewalls and Internet Security

Repelling the Wily Hacker

Author: William R. Cheswick,Steven M. Bellovin,Aviel D. Rubin

Publisher: Addison-Wesley Professional

ISBN: 9780201634662

Category: Computers

Page: 433

View: 8154

Introduces the authors' philosophy of Internet security, explores possible attacks on hosts and networks, discusses firewalls and virtual private networks, and analyzes the state of communication security.

Intrusion Detection Systems with Snort

Advanced IDS Techniques Using Snort, Apache, MySQL, PHP, and ACID

Author: Rafeeq Ur Rehman

Publisher: Prentice Hall Professional

ISBN: 9780131407336

Category: Computers

Page: 263

View: 9325

This guide to Open Source intrusion detection tool SNORT features step-by-step instructions on how to integrate SNORT with other open source products. The book contains information and custom built scripts to make installation easy.

The Tao of Network Security Monitoring

Beyond Intrusion Detection

Author: Richard Bejtlich

Publisher: Pearson Education

ISBN: 9780132702041

Category: Computers

Page: 832

View: 6544

"The book you are about to read will arm you with the knowledge you need to defend your network from attackers—both the obvious and the not so obvious.... If you are new to network security, don't put this book back on the shelf! This is a great book for beginners and I wish I had access to it many years ago. If you've learned the basics of TCP/IP protocols and run an open source or commercial IDS, you may be asking 'What's next?' If so, this book is for you." —Ron Gula, founder and CTO, Tenable Network Security, from the Foreword "Richard Bejtlich has a good perspective on Internet security—one that is orderly and practical at the same time. He keeps readers grounded and addresses the fundamentals in an accessible way." —Marcus Ranum, TruSecure "This book is not about security or network monitoring: It's about both, and in reality these are two aspects of the same problem. You can easily find people who are security experts or network monitors, but this book explains how to master both topics." —Luca Deri, ntop.org "This book will enable security professionals of all skill sets to improve their understanding of what it takes to set up, maintain, and utilize a successful network intrusion detection strategy." —Kirby Kuehl, Cisco Systems Every network can be compromised. There are too many systems, offering too many services, running too many flawed applications. No amount of careful coding, patch management, or access control can keep out every attacker. If prevention eventually fails, how do you prepare for the intrusions that will eventually happen? Network security monitoring (NSM) equips security staff to deal with the inevitable consequences of too few resources and too many responsibilities. NSM collects the data needed to generate better assessment, detection, and response processes—resulting in decreased impact from unauthorized activities. 
In The Tao of Network Security Monitoring, Richard Bejtlich explores the products, people, and processes that implement the NSM model. By focusing on case studies and the application of open source tools, he helps you gain hands-on knowledge of how to better defend networks and how to mitigate damage from security incidents. Inside, you will find in-depth information on the following areas.
• The NSM operational framework and deployment considerations.
• How to use a variety of open-source tools—including Sguil, Argus, and Ethereal—to mine network traffic for full content, session, statistical, and alert data.
• Best practices for conducting emergency NSM in an incident response scenario, evaluating monitoring vendors, and deploying an NSM architecture.
• Developing and applying knowledge of weapons, tactics, telecommunications, system administration, scripting, and programming for NSM.
• The best tools for generating arbitrary packets, exploiting flaws, manipulating traffic, and conducting reconnaissance.
Whether you are new to network intrusion detection and incident response, or a computer-security veteran, this book will enable you to quickly develop and apply the skills needed to detect, prevent, and respond to new and emerging threats.

Nessus, Snort, and Ethereal Power Tools

Customizing Open Source Security Applications

Author: Brian Caswell,Jay Beale,Gilbert Ramirez,Noam Rathaus

Publisher: Elsevier

ISBN: 9780080489421

Category: Computers

Page: 400

View: 4797

Nessus, Snort, and Ethereal Power Tools covers customizing Snort to perform intrusion detection and prevention; Nessus to analyze the network layer for vulnerabilities; and Ethereal to sniff their network for malicious or unusual traffic. The book contains an appendix detailing the best of the rest open source security tools. Each of these tools is intentionally designed to be highly customizable so that users can torque the programs to suit their particular needs. Users can code their own custom rules, plug-ins, and filters that are tailor-made to fit their own networks and the threats which they most commonly face. The book describes the most important concepts of coding and customizing tools, and then provides readers with invaluable working scripts that can either be used as is or further refined by using knowledge gained from the book.
• Snort, Nessus, and Ethereal are the three most popular open source security tools in the world
• Only book that teaches readers how to customize these tools for their specific needs by coding rules, plugins, and filters
• Companion Web site provides all working code and scripts from the book for download

The Official Damn Small Linux Book

The Tiny Adaptable Linux that Runs on Anything

Author: Robert Shingledecker,John Andrews,Chris Negus

Publisher: Pearson Education

ISBN: 0132338696

Category: Computers

Page: 426

View: 4712

The official guide to making the most out of the smallest, fastest Linux distribution.

How Linux Works, 2nd Edition

What Every Superuser Should Know

Author: Brian Ward

Publisher: No Starch Press

ISBN: 1593275676

Category: Computers

Page: 392

View: 7243

Unlike some operating systems, Linux doesn’t try to hide the important bits from you—it gives you full control of your computer. But to truly master Linux, you need to understand its internals, like how the system boots, how networking works, and what the kernel actually does. In this completely revised second edition of the perennial best seller How Linux Works, author Brian Ward makes the concepts behind Linux internals accessible to anyone curious about the inner workings of the operating system. Inside, you’ll find the kind of knowledge that normally comes from years of experience doing things the hard way. You’ll learn: * How Linux boots, from boot loaders to init implementations (systemd, Upstart, and System V) * How the kernel manages devices, device drivers, and processes * How networking, interfaces, firewalls, and servers work * How development tools work and relate to shared libraries * How to write effective shell scripts You’ll also explore the kernel and examine key system tasks inside user space, including system calls, input and output, and filesystems. With its combination of background, theory, real-world examples, and patient explanations, How Linux Works will teach you what you need to know to solve pesky problems and take control of your operating system.

Snort 2.1 Intrusion Detection

Author: Brian Caswell,Mike Poor

Publisher: Grada Publishing a.s.

ISBN: 8024714809

Category: Computers

Page: 716

View: 8108

Discusses the intrusion detection system and explains how to install, configure, and troubleshoot it.

Building Internet Firewalls

Internet and Web Security

Author: Elizabeth D. Zwicky,Simon Cooper,D. Brent Chapman

Publisher: "O'Reilly Media, Inc."

ISBN: 9780596551889

Category: Computers

Page: 896

View: 9585

In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated Building Internet Firewalls to address these newer risks. What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines. Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down. Like the bestselling and highly respected first edition, Building Internet Firewalls, 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. 
Much expanded to include Linux and Windows coverage, the second edition describes:
• Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
• Architectures such as screening routers, dual-homed hosts, screened hosts, screened subnets, perimeter networks, internal firewalls
• Issues involved in a variety of new Internet services and protocols through a firewall
• Email and News
• Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
• File transfer and sharing services such as NFS, Samba
• Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
• Real-time conferencing services such as ICQ and talk
• Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
• Authentication and auditing services (e.g., PAM, Kerberos, RADIUS)
• Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
• Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
• Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)
The book's complete list of resources includes the location of many publicly available firewall construction tools.
