This practical guide teaches you how to implement effective network protection by using your own customized firewall solution. Based on extensive practical experience, this book distills a unique set of scenario based scripts and guidelines for a proven firewall solution, into one succinct and precise book. This book is aimed at Linux Network administrators with some understanding of Linux security threats and issues, or any one interested in securing their systems behind a firewall. Basic knowledge of Linux is presumed but other than that this book shows you how to do the rest, from configuring your system to dealing with security breaches.
Designing and Implementing Linux Firewalls and QoS using...
and over one million other books are available for Amazon Kindle.
Learn more
| |||||||||||||||
Book Description
Frequently Bought Together
Editorial Reviews
About the Author
Lucian Gheorghe
Lucian Gheorghe has just joined the Global NOC of Interoute, Europe's largest voice and data network provider. Before Interoute, he was working as a senior network engineer for Globtel Internet, a significant Internet and Telephony Services Provider to the Romanian market He has been working with Linux for more than 8 years putting a strong accent on security for protecting vital data from hackers and ensuring good quality services for internet customers. Moving to VoIP services he had to focus even more on security as sensitive billing data is most often stored on servers with public IP addresses. He has been studying QoS implementations on Linux to build different types of services for IP customers and also to deliver good quality for them and for VoIP over the public internet. Lucian has also been programming with Perl, PHP and Smarty for over 5 years mostly developing in-house management interfaces for IP and VoIP services.
Product Details
Would you like to update product info or give feedback on images?
|
Customer Reviews
|
Share your thoughts with other customers:
|
||||||||||||||||||||||
|
Most Helpful Customer Reviews
3 of 3 people found the following review helpful:
5.0 out of 5 stars
Very good book,
By
This review is from: Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter (Paperback)
If you like opensource, QoS, Firewalls... this book would be what you need.
If you are netadmin, sysadmin or you are an IT guy and learn this book, you can limit p2p/bittorrent traffic, guarantee bandwith for some services like http, ftp, voip, etc. (QoS), you can protect your network with firewalls. First in chapter 1 we learn about Networking Fundamentals, then in chapter 2, about Security Threats in every OSI layer. After that we are ready to learn about basis of netfilter and iproute (Firewall and QoS). In next chapters, show us how to do layer 7 filtering, practical QoS and more advanced things. Then we apply this knowledge in a very practical serie of scenerios that come later in the book. Very good book, I recomend this to you.
3 of 3 people found the following review helpful:
3.0 out of 5 stars
Disappointing,
Amazon Verified Purchase(What's this?)
This review is from: Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter (Paperback)
For some this might be a great book. For me, I found the title misleading. I was mainly interested in the QoS aspect as there are already excellent books available on firewalling and NAT.
The QoS seemed to be mostly an afterthought. The QoS policies utilized were tailored to the example networks but there was no discussion of generic QoS capabilities. The biggest gripe though, is that there was Zero coverage of DSCP and/or 802.1q packet tagging. This book considers queue scheduling based on netfilter or L7-filter to be all that exists as far as QoS is concerned. If you want treatment of DSCP or 802.1p look elsewhere. P.S. This book is cookbook format. Don't expect to learn the intricate details. It is not a bad book if that is what you are looking for but if you want a more "textbook" style book with complete coverage you will be disappointed.
4.0 out of 5 stars
Great for Linux Firewall beginners,
Amazon Verified Purchase(What's this?)
This review is from: Designing and Implementing Linux Firewalls with QoS using netfilter, iproute2, NAT and L7-filter (Paperback)
For the ones, as myself, who use Linux for some time and wish to learn how to build firewalls using it, this is the book.
The language is extremely accessible and objective, unlike the majority of the many tutorials on this subject found on the net. It goes from the very basics with a good, and not boring, theoric base, and advances in a practical hands-on way, from a simple firewall script for a Linux Workstation to a complex structure of different firewalls connecting branches from a large company serving and using a great array of internet services. The only buts I found were a couple of differences in behavior in some firewall rules, that produced a different result from the described in the book when I implemented them. However, they were easily corrected after a little traffic monitoring and googling. Probably from differences in Linux flavor or packet versions used. My advice is the same as always, test everything well before putting anything in production. Bottom line is, best book I found to learn Linux Firewalls. Worth every cent.
Share your thoughts with other customers: Create your own review
|
|
Inside This Book
(learn more)
Key Phrases - Statistically Improbable Phrases (SIPs):
(learn more)
sfq quantum, add dev ethl parent, htb rate, root qdisc, kbit prio, class add dev, cbq bandwidth, htb default, qdisc add dev, filter add dev, qdisc del dev, ethl root handle, class cbq, pkts bytes target prot opt, other core routers, patching file, mangle table, netfilter table, inet static address, flush rules, nat irc, firewall script, subversion server, peering connections, nat table Key Phrases - Capitalized Phrases (CAPs): (learn more)
Medium Networks Case Studies, Firewall Prerequisites, Distribution Network, Packet Mancdini, Internet Protocol, Securitij Threats, Netfilter Configuration, Kunihiro Ishiguro, User Access Verification Password, Network Address Translation, Type of Service, Border Gateway Protocol, Local Address Foreign Address State, Database Replication, Radio Tower Long, Active Internet, Gigabit Ethernet, Virtual Private Network, Intranet Server Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
sfq quantum, add dev ethl parent, htb rate, root qdisc, kbit prio, class add dev, cbq bandwidth, htb default, qdisc add dev, filter add dev, qdisc del dev, ethl root handle, class cbq, pkts bytes target prot opt, other core routers, patching file, mangle table, netfilter table, inet static address, flush rules, nat irc, firewall script, subversion server, peering connections, nat table Key Phrases - Capitalized Phrases (CAPs): (learn more)
Medium Networks Case Studies, Firewall Prerequisites, Distribution Network, Packet Mancdini, Internet Protocol, Securitij Threats, Netfilter Configuration, Kunihiro Ishiguro, User Access Verification Password, Network Address Translation, Type of Service, Border Gateway Protocol, Local Address Foreign Address State, Database Replication, Radio Tower Long, Active Internet, Gigabit Ethernet, Virtual Private Network, Intranet Server Browse Sample Pages:
Front Cover | Table of Contents | First Pages | Index | Back Cover | Surprise Me!
What Other Items Do Customers Buy After Viewing This Item?
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
