Best Books of the Month Shop Costumes Learn more nav_sap_plcc_6M_fly_beacon $5 Albums All-New Amazon Fire TV Grocery Amazon Gift Card Offer gdwf gdwf gdwf  Amazon Echo Starting at $49.99 Kindle Voyage AutoRip in CDs & Vinyl Fall Arrivals in Amazon Outdoor Clothing Halloween
Linux Firewalls (3rd Edition) and over one million other books are available for Amazon Kindle. Learn more

Enter your mobile number or email address below and we'll send you a link to download the free Kindle App. Then you can start reading Kindle books on your smartphone, tablet, or computer - no Kindle device required.

  • Apple
  • Android
  • Windows Phone
  • Android

To get the free app, enter your email address or mobile phone number.

Linux Firewalls (2nd Edition) 2nd Edition

43 customer reviews
ISBN-13: 978-0735710993
ISBN-10: 0735710996
Why is ISBN important?
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
Have one to sell? Sell on Amazon
Buy used
Condition: Used: Like New
Comment: Used, but looks brand new. Only very slight signs of use. Cover and binding are undamaged, and pages are crisp and unmarked. Unbeatable customer service, and we usually ship the same or next day. Over one million satisfied customers!
Access codes and supplements are not guaranteed with used items.
27 Used from $0.01
More Buying Choices
10 New from $38.42 27 Used from $0.01

There is a newer edition of this item:

Free Two-Day Shipping for College Students with Amazon Student Free%20Two-Day%20Shipping%20for%20College%20Students%20with%20Amazon%20Student

Save Up to 90% on Textbooks Textbooks

Editorial Reviews Review

TCP/IP packet handling may seem crystal clear when you first hear about it, but after you've configured your Ethernet card's netmask address, the details become rather vague. You might find yourself asking--if you were a Danish prince--"What is a packet, if its chief good and market of its time be but to route and wrap?" If routing and wrapping were all packets did, we would all enjoy our ignorance blissfully. But packets--like men, as the prince learned--can be hollow carriers of ill will, and excluding the bad ones requires us to understand what they really truly are. At last.

Just how interesting packets turn out to be is revealed in Linux Firewalls, Robert L. Zeigler's sober, agile, and subtle text. Narrowing consideration to threats faced by small networks from external sources, Zeigler and his editors introduce security by delivering prerequisite tutorials on packet architecture and normal network-based client/server daemon-to-daemon communications. Nonthreatening daemon-to-daemon communication is part of the regular operation of a networked POSIX-compliant operating system (like Linux or Windows NT), but the incessant background chatter makes finding hostile intrusions a search for sometimes subtle irregularities in a high throughput environment.

In fact, bombardment of networks with useless packets can create diversions for more pernicious attacks. Distinguishing the good packets from the potentially hostile or merely useless packets requires levels of filtering criteria that depend on the specifics of the network environment. Zeigler sorts out all of these issues and outlines practical network administration strategies for packet filtering.

Linux Firewalls is a how-to for the home Linux box, including the creating and debugging firewall rules for home LANs and network interfaces. For larger LAN users, Zeigler describes intrusion logging; configurations based on varying levels of trust; and the how, why, and when of reporting intrusions to network authorities.

In the wrong hands, firewall reports are either hyped-up cloak-and-dagger sensationalism or monotonous treatises in bitwise accounting. Zeigler strikes a middle ground with a book fit for members of the Linux community who are curious about what is happening over their TCP/IP connections. These are folks who have the prowess to build kernel releases on their own but who aren't necessarily wonks at developing kernel or device driver sources. --Peter Leopold --This text refers to an out of print or unavailable edition of this title.

From the Publisher

An Internet-connected Linux machine is in a high-risk situation. This book details security steps that a home or small-to-mid-size, non-enterprise business might take to protect itself from potential remote attackers. As with the first edition, this book will provide a description of the need for security measures and solutions built upon the most up-to-date technology available. What's new in the Second Edition? Besides updating the content to cover the 2.4 kernel, additional chapters on VPNs, SSH, and Tripwire have been added.

See all Editorial Reviews

Best Books of the Month
Best Books of the Month
Want to know our Editors' picks for the best books of the month? Browse Best Books of the Month, featuring our favorite new books in more than a dozen categories.

Product Details

  • Paperback: 592 pages
  • Publisher: Sams; 2 edition (October 24, 2001)
  • Language: English
  • ISBN-10: 0735710996
  • ISBN-13: 978-0735710993
  • Product Dimensions: 7 x 1.2 x 8.9 inches
  • Shipping Weight: 1.9 pounds
  • Average Customer Review: 4.4 out of 5 stars  See all reviews (43 customer reviews)
  • Amazon Best Sellers Rank: #3,949,853 in Books (See Top 100 in Books)

More About the Authors

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

20 of 20 people found the following review helpful By Dean K. Gibson on April 26, 2000
Format: Paperback
Good points:
* Lots of details about how to set up packet filtering in Linux.
* Good reference material about various ports & services.
Bad points:
* The command lines in his "rc.firewall" scripts are long and thus wrap when printed in the book, making the scripts VERY difficult to read. A smaller, fixed-pitch font for the scripts, and good use of column alignment would have helped tremendously.
* Scant discussion of the "hosts.allow" and "hosts.deny" files, or of TCP/IP wrappers and inetd. Both are an essential part of Linux firewalls.
* The overall organization of the book is good, but some of the detail in the chapters is not well organized. Since he protects against invalid packets going OUT as well as coming IN, there's a lot of detail that many people will not want. That detail tends to obscure the WHY of what he's doing.
* In the appendix, he lists in exhaustive detail all his firewall rules, and then lists them AGAIN in a "better" order. Yes, the second order is better for BOTH efficiency and understanding, so why provide the first list? Actually, there are SIX complete lists in the appendix: three for ipchains, and another three lists for ipfwadm), but that's another story ...
All in all, a good book in spite of the above. There are a few typos, but once you understand what he's doing, the typos are obvious.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
24 of 26 people found the following review helpful By Shaun T. Erickson on December 13, 1999
Format: Paperback
As a System Administrator who is trying to add new skills to his resume, and a home cablemodem user who wants to protect his private network from hackers on the Internet, I have found Mr. Ziegler's book, "Linux Firewalls", to be excellent, as I have also found his website to be. I read his book, cover to cover, within 24 hours of it's purchase (no small feat). Most informative!
It takes an honored place on my bookshelf, next to my other firewall bibles (Chapman & Zwicky's "Building Internet Firewalls" and Cheswick & Bellovin's "Firewalls and Internet Security : Repelling the Wily Hacker").
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
32 of 37 people found the following review helpful By Phil Lavigna on December 4, 1999
Format: Paperback
This author has been providing a great service to the Linux community with his Firewall Design Tool... I've used it to configure several firewalls with outstanding results (from portscans). I also purchased this book even though I never put the two names together until I saw an ad linking the two. Linux Firewalls isn't one of those books you read by the fireplace, but it's full of specific solutions to specific issues that all networks face. I appreciate the author's knowledge and recommend his website and book to Linux users.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
23 of 26 people found the following review helpful By R. Krause on May 11, 2000
Format: Paperback
I looked at both this book and the "Linux and OpenBSD Firewall" books before deciding on this one. This book does a much more exhaustive job of explaining how to build a linux firewall.
Going beyond just telling you "here's what you want your firewall script to look like" which is what I felt the other book did, this title explains why you shouldn't have certain daemons running on the firewall, what ports to block and the possible consequences and attack types that can come from not blocking a specific port. Amusingly enough, it even tells you the port to leave open if you plan on running a Quake server.
As pointed out below, the wrap around on some of the examples is annoying.
The book also is dedicated to handling the threat from the outside, it does not deal with the internel threat that any company needs to guard against, though it is pointed out in the very beginning that this book isn't designed to deal with internal threats, so I don't see this as a negative.
I found the book easy to read. There are some technical books you dread picking up since they are so stale, this fortunately I found not to be like that.
The entire book is dedicated to firewalls. Some firewall books I have seen a good chunk of the book is choosing hardware and how to install the OS. The author of this book intelligently reasoned that his readers already have Linux installed and want a book on firewalls, not a how to install the OS.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
18 of 20 people found the following review helpful By A Customer on December 16, 2000
Format: Paperback
If you are responsible for a small Linux network, whether it be at home or work, with an always-on high-speed Internet connection, and you are not already a firewall expert, this is the first book you should read. Mr Ziegler starts off by explaining the "why's" (theory) and then proceeds to demonstrate the "how's" (practice): all in a common-sense and easily understood manner.
The author's website contains an additional wealth of information for the amateur Linux network administrator. As mentioned in another review there is a script on the site that will walk the user through some questions and create a firewall script based on the answers. The website is not mentioned very prominently in the book however; just inside the outer front cover at the very lower left.
A couple of other MINOR shortcomings: Maggiano's "CGI programming with Tcl" provides a better first-chapter introduction to internet communication protocols and concepts such as the "three-way handshake". Having read that previously helped me breeze through Chapter 1 of Linux Firewalls with NO questions, which may not be the case for other readers (I am perhaps additionally better prepared in that I am a professional web developer).
Additionally, Ziegler makes no mention of the "ntsysv" utility, which allows the user to simply add or remove services to be started up upon booting, through a MENU interface, instead of having to manually edit scripts. This utility is incorporated into the installation routines of a couple of versions of Red Hat with which I am familiar (5.2/6.0), but NOT Mandrake, which is based on Red Hat. It was through Kabir's excellent "Red Hat Linux Administrator's Handbook" that I learned of the ntsysv utility and have begun using it after installation.
Regardless, this book of Ziegler's is destined for a classic. I have over 100 computer books: if I had to get rid of all but five, this one would be a keeper.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Most Recent Customer Reviews

Want to discover more products? Check out these pages to see more: latin language, secur