Linux firewalls : attack detection and response with iptables, psad, and fwsnort /
Linux firewalls provide capabilities that rival commercial firewalls, and are built upon the powerful Netfilter infrastructure in the Linux kernel. "Linux Firewalls: Attack Detection and Response" explores using Netfilter as an intrusion detection system (IDS) by combining it with Snort ru...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
San Francisco :
No Starch Press,
©2007.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Brief contents
- contents in detail
- acknowledgments
- foreword
- introduction
- care and feeding of iptables
- network layer attacks and defense
- transport layer attacks and defense
- application layer attacks and defense
- introducing psad: the port scan attack detector
- psad operations: detecting suspicious traffic
- advanced psad topics: from signature matching to os fingerprinting
- active response with psad
- translating snort rules into iptables rules
- deploying fwsnort
- combining psad and fwsnort
- Port knocking vs . single packet authorizationintroducing fwknop
- visualizing iptables logs
- attack spoofing
- a complete fwsnort script
- index