The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall

Posted On Thursday, July 17, 2008 at by must_poor

Author: Peter Hansteen
ISBN: 1593271654/9781593271657
Pages: 184
Publication Date: 2008-01-11

OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher. Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing when loading in new rules.

Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to:

  • Create rule sets for all kinds of network traffic, whether it is crossing a simple home LAN, hiding behind NAT, traversing DMZs, or spanning bridges
  • Use PF to create a wireless access point, and lock it down tight with authpf and special access restrictions
  • Maximize availability by using redirection rules for load balancing and CARP for failover
  • Use tables for proactive defense against would-be attackers and spammers
  • Set up queues and traffic shaping with ALTQ, so your network stays responsive
  • Master your logs with monitoring and visualization, because you can never be too paranoid

The Book of PF is written for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.

Download

Posted in Label: | 0 komentar

Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort

Posted On at by must_poor

Author: Michael Rash
ISBN: 1593271417/9781593271411
Pages: 336
Publication Date: 2007-09-15

System administrators need to stay ahead of new security vulnerabilities that leave their networks exposed every day. A firewall and an intrusion detection systems (IDS) are two important weapons in that fight, enabling you to proactively deny access and monitor network traffic for signs of an attack.

Linux Firewalls discusses the technical details of the iptables firewall and the Netfilter framework that are built into the Linux kernel, and it explains how they provide strong filtering, Network Address Translation (NAT), state tracking, and application layer inspection capabilities that rival many commercial tools. You'll learn how to deploy iptables as an IDS with psad and fwsnort and how to build a strong, passive authentication layer around iptables with fwknop.

Concrete examples illustrate concepts such as firewall log analysis and policies, passive network authentication and authorization, exploit packet traces, Snort ruleset emulation, and more with coverage of these topics:

  • Passive network authentication and OS fingerprinting
  • iptables log analysis and policies
  • Application layer attack detection with the iptables string match extension
  • Building an iptables ruleset that emulates a Snort ruleset
  • Port knocking vs. Single Packet Authorization (SPA)
  • Tools for visualizing iptables logs

    Perl and C code snippets offer practical examples that will help you to maximize your deployment of Linux firewalls. If you're responsible for keeping a network secure, you'll find Linux Firewalls invaluable in your attempt to understand attacks and use iptables-along with psad and fwsnort-to detect and even prevent compromises.

    • Download

    Posted in Label: | 0 komentar

    Cisco ASA, PIX, and FWSM Firewall Handbook (2nd Edition) (Networking Technology: Security)

    Posted On at by must_poor

    Author: David Hucaby
    ISBN: 1587054574/9781587054570
    Pages: 912
    Publication Date: 2007-08-09

    Cisco ASA, PIX, and FWSM Firewall Handbook, Second Edition, is a guide for the most commonly implemented features of the popular Cisco® firewall security solutions. Fully updated to cover the latest firewall releases, this book helps you to quickly and easily configure, integrate, and manage the entire suite of Cisco firewall products, including ASA, PIX®, and the Catalyst® Firewall Services Module (FWSM).

    Organized by families of features, this book helps you get up to speed quickly and efficiently on topics such as file management, building connectivity, controlling access, firewall management, increasing availability with failover, load balancing, logging, and verifying operation.

    Sections are marked by shaded tabs for quick reference, and information on each feature is presented in a concise format, with background, configuration, and example components.

    Whether you are looking for an introduction to the latest ASA, PIX, and FWSM devices or a complete reference for making the most out of your Cisco firewall deployments, Cisco ASA, PIX, and FWSM Firewall Handbook, Second Edition, helps you achieve maximum protection of your network resources.

    “Many books on network security and firewalls settle for a discussion focused primarily on concepts and theory. This book, however, goes well beyond these topics. It covers in tremendous detail the information every network and security administrator needs to know when configuring and managing market-leading firewall products from Cisco.”

    –Jason Nolet, Vice President of Engineering, Security Technology Group, Cisco

    David Hucaby, CCIE® No. 4594, is a lead network engineer for the University of Kentucky, where he works with health-care networks based on the Cisco Catalyst, ASA, FWSM, and VPN product lines. He was one of the beta reviewers of the ASA 8.0 operating system software.

    • Learn about the various firewall models, user interfaces, feature sets, and configuration methods
    • Understand how a Cisco firewall inspects traffic
    • Configure firewall interfaces, routing, IP addressing services, and IP multicast support
    • Maintain security contexts and flash and configuration files, manage users, and monitor firewalls with SNMP
    • Authenticate, authorize, and maintain accounting records for firewall users
    • Control access through the firewall by implementing transparent and routed firewall modes, address translation, and traffic shunning
    • Define security policies that identify and act on various types of traffic with the Modular Policy Framework
    • Increase firewall availability with firewall failover operation
    • Understand how firewall load balancing works
    • Generate firewall activity logs and learn how to analyze the contents of the log
    • Verify firewall operation and connectivity and observe data passing through a firewall
    • Configure Security Services Modules, such as the Content Security Control (CSC) module and the Advanced Inspection Processor (AIP) module

    This security book is part of the Cisco Press® Networking Technology Series. Security titles from Cisco Press help networking professionals secure critical data and resources, prevent and mitigate network attacks, and build end-to-end self-defending networks.

    Category: Networking: Security

    Covers: Cisco ASA 8.0, PIX 6.3, and FWSM 3.2 version firewalls

    $60.00 USA / $69.00 CAN

    Download

    Posted in Label: | 0 komentar
    Subscribe to: Posts (Atom)