Customer Reviews for

Linux Firewalls

Average Rating 5
( 1 )
Rating Distribution

5 Star

(1)

4 Star

(0)

3 Star

(0)

2 Star

(0)

1 Star

(0)

Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation

Reminder:

  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

 
Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously
Sort by: Showing 1 Customer Reviews
Page 1 of 1
  • Anonymous

    Posted October 24, 2005

    Excellent addition to the SysAdmin's bookshelf

    If you are a system or network administrator, then you're concerned about security. If you're concerned about security, then you will want a copy of 'Linux Firewalls' handy. In spite of its title, 'Linux Firewalls' is about more than just firewalling. After introductory material about firewalls, and how packet-filtering firewalls work, Suehring and Ziegler dive into creating firewalls with iptables: Enabling services, blocking attacks, optimizing firewall rules, etc. They spend a decent amount of time looking at forwarding and NAT. They demonstrate some possible network setups of varying complexity, and show how to write iptables rules for those environments. The remaining third of the book explores other security tools, such as TCPDump, Snort, and AIDE. Kernel 'enhancements' SELinux and GrSecurity are discussed briefly. If that sounds like a lot of material to cover, it is. The book weighs in at over 500 pages, but it's laid out such that it's pretty easy to get to the information you need quickly. The authors have done a good job presenting such a large amount of material in a clear, easy-to-grasp fashion. Also, the book includes links to further resources in highlighted boxes is the text, and collected in an appendix, if you need to go into greater depth on a particular topic. The book is full of useful tips. For example,in the discussion of the LOG target, they explain the technique for extracting the iptables messages from the noise in /var/log/messages and directing them to their own log. This is a question that comes up repeatedly on the iptables mailing list. The trick is to use the '--log-level' switch and configure syslog to write items that come through with the specified log-level to a seperate log. You still get the occasional false positive this way, but it sure beats slogging through all the noise in /var/log/messages. I do have a couple of criticisms to make of the book. For example, to start the firewall at boot time, the authors recommend ieither using the 'iptables save' function (Red Hat), or adding a line to rc.local. The problem with the former is that 'iptables save' is, as the authors point out, not terribly reliable. Furthermore, if you're using a script to generate your firewall rules, then your rules are already saved. The problem with rc.local is that then the firewall will start after the network is up and services are listening. I prefer to write an init script and use the chkconfig utility (Red Hat/SuSE) to bring up the firewall rules before the network. The biggest omission from the book is any information on bridge firewalls. A bridge can be very useful for putting a transparent firewall onto your network. I am surprised that there is not even a mention of bridging, or ebtables (the userspace bridge tools), since bridging is now part of the standard kernel. Iptables can also be made to work with the bridge module. Pointing out this omission may not be a completely fair criticism: I have yet to see a firewall book that covers bridging with Linux and ebtables (or iptables). Nonetheless, 'Linux Firewalls' is a very nice addition to my library. This book will live either on my desk, or on any easily-accessed shelf nearby. DISCLOSURE: The publisher sent me a copy of this book for review.

    Was this review helpful? Yes  No   Report this review
Sort by: Showing 1 Customer Reviews
Page 1 of 1