Troubleshooting Linux® Firewalls [Paperback]

Michael Shinn (Author), Scott Shinn (Author)

Book Description

Publication Date: December 24, 2004 | ISBN-10: 0321227239 | ISBN-13: 978-0321227232 | Edition: 1

While Linux firewalls are inexpensive and quite reliable, they lack the supportcomponent of their commerical counterparts. As a result, most users of Linuxfirewalls have to resort to mailing lists to solve their problems. Our authorshave scoured firewall mailing lists and have compiled a list of the most oftenencountered problems in Linux firewalling. This book takes a Chilton's manualdiagnostic approach to solving these problems.The book begins by presenting the two most common Linux firewallconfigurations and demonstrates how to implement these configurations in animperfect network environment, not in an ideal one. Then, the authors proceedto present a methodology for analyzing each problem at various network levels:cabling, hardware components, protocols, services, and applications. Theauthors include diagnostic scripts which the readers can use to analyze andsolve their particular Linux firewall problems. The reference distributions areRed Hat and SuSE (for international market).

Editorial Reviews

From the Back Cover

Covers Red Hat and SUSE

When something goes wrong with your Linux firewall, you need to fix it—right now. You don't have time for endless newsgroup searches, confusing man pages, emails to the developers... it's an emergency! One book brings together all the step-by-step solutions and proven problem-solving techniques you'll need when the time comes: Troubleshooting Linux® Firewalls.

Authors Michael Shinn and Scott Shinn are among the world's leading firewall experts; they've even been hired to protect computer security at the White House. In this book, they cover every area where Linux firewalls can go wrong: rules and filtering problems, Layer 2/3/4 issues, trouble with individual services, DNS/DHCP failures, even misconfigured VPNs. They also present an easy, start-to-finish troubleshooting methodology that'll help you identify even the newest or most obscure firewall problem fast—and solve it!

Inside, you will find in-depth information on the following areas:

• What you must know about iptables and netfilter to troubleshoot and avoid problems

• Using loggers, sniffers, and other tools to diagnose even the most obscure firewall problems

• Making sure your firewall rules work the way they're supposed to

• Resolving problems with Network Address Translation and IP Forwarding

• Troubleshooting SMTP, Apache, Squid, NFS, FTP, instant messaging, and other Web-based services

• Finding and fixing common problems with IPsec VPN configuration

• Making your firewalls more failure-resistant: recommendations from the experts

If you depend on a Linux firewall, what will you do if it goes down? With Troubleshooting Linux® Firewalls, you can be confident that the solutions are right at hand—so you can sleep at night!

© Copyright Pearson Education. All rights reserved.

About the Author

AUTHORS

Michael Shinn is managing partner of the Prometheus Group, an IT security consulting firm. He was formerly a member of Cisco's Advanced Network Security Research group and a senior software developer and founding member of the firm's Signatures and Exploits Development Team.

Scott Shinn co-founded Plesk, a server management firm. He was formerly a senior network security engineer specializing in penetration testing for Fortune 50 clients at Wheelgroup, a firm later acquired by Cisco.

Both authors served on the White House technology staff, specializing in security and penetration testing of both internal and Internet-connected systems.

© Copyright Pearson Education. All rights reserved.

Product Details

• Paperback: 384 pages
• Publisher: Addison-Wesley Professional; 1 edition (December 24, 2004)
• Language: English
• ISBN-10: 0321227239
• ISBN-13: 978-0321227232
• Product Dimensions: 9.1 x 6.9 x 0.7 inches
• Shipping Weight: 1.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (3 customer reviews)
• Amazon Best Sellers Rank: #1,929,067 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

12 of 14 people found the following review helpful:

5.0 out of 5 stars Best of breed, April 20, 2005

By 

Stephen Northcutt (Kauai, HI USA) - See all my reviews
(REAL NAME)   

This review is from: Troubleshooting Linux® Firewalls (Paperback)

The Shinn brothers are legendary in information security, so when I saw this book, I made sure to put it on the top of my airline reading list.

If you ever watch someone closely that is trying to troubleshoot a computer, network, or firewall, you quickly realize fault detection and root cause determination are skills very few people have. I watch people change two things and reboot, or try the last thing they just tried again and just shake my head.

The book is not just about troubleshooting, it includes setup, network theory, and proper design as well. However, chapter 4 should be required reading for anyone that is allowed near a computer with privileged access, windows or unix. If this book gets revised I would love to see the troubleshooting chapter expanded, that is critially important information.

4 of 4 people found the following review helpful:

4.0 out of 5 stars It Delivers, August 24, 2007

By 

Jeff Pike (Mechanicsville, VA United States) - See all my reviews

This review is from: Troubleshooting Linux® Firewalls (Paperback)

Despite a number of introductory chapters, there is not much fluff in here. It provides a sound treatment of architectural issues before getting down to business with netfilter and iptables. It touches on some diagnostics techniques and tools before dealing with firewall configurations that are specific to popular services. This is a very useful book for firewall administrators. The index could be better, but I've been able to find what I needed.

Chapters in this 360 page volume include:

-Introduction

-Getting Started

-Local Firewall Security

-Troubleshooting Methodology

-The OSI Model

-netfilter and iptables Overview

-Using iptables

-A Tour of Our Collective Toolbox

-Diagnostics

-Testing Your Firewall Rules for Security

-Layer 2/Inline Filtering

-NAT and IP Forwarding

-General IP

-SMTP

-Web Services

-File Services

-Instant Messaging

-DNS/DHCP

-VPNs

8 of 11 people found the following review helpful:

4.0 out of 5 stars firewalls are not trivial to run, January 17, 2005

By 

W Boudville (Terra, Sol 3) - See all my reviews
(VINE VOICE)    (TOP 1000 REVIEWER)    (HALL OF FAME REVIEWER)    (REAL NAME)   

This review is from: Troubleshooting Linux® Firewalls (Paperback)

Linux firewalls are attractive to many companies because of their free nature. But free does not mean easy to understand or use. It is this need to which the book is addressed.

The authors show that linux comes with powerful, versatile firewall and intrusion detection utilities. But if you need a firewall, chances are you want it to work as best as possible in defending your subnet. So details of optimum usage matter. Starting from the top down, with an analysis of how to devise a network security plan, to implementing it in a secure firewall.

The book talks about how to best use various tools like nmap and iptables. Your linux toolbox is your arsenal. The problem is that some tools are not the easiest to use. Not helped by the fact that most are run at the command line. The latter is desirable for maximum flexibility, especially in writing scripts that use them. The book has guidelines for best practices.

The chapter on VPN is concise and accurate. But this topic is important enough in its own right that if you plan on setting one up, seriously consider getting a book devoted to it.