
REVIEW: "Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn

  • Rob, grandpa of Ryan, Trevor, Devon & Han
    Message 1 of 1 , Jan 28, 2008
      BKTSLNFW.RVW 20071110

      "Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn, 2005,
      0-321-22723-9, U$44.99/C$64.99
      %A Michael Shinn www.gotroot.com
      %A Scott Shinn
      %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
      %D 2005
      %G 0-321-22723-9
      %I Addison-Wesley Publishing Co.
      %O U$44.99/C$64.99 416-447-5101 fax: 416-443-0948 bkexpress@...
      %O http://www.amazon.com/exec/obidos/ASIN/0321227239/robsladesinterne
      %O http://www.amazon.ca/exec/obidos/ASIN/0321227239/robsladesin03-20
      %O Audience i Tech 2 Writing 2 (see revfaq.htm for explanation)
      %P 369 p.
      %T "Troubleshooting Linux Firewalls"

      Even though it is contained within part one of the book itself,
      chapter one is basically a preface. It outlines the tripartite nature
      of the work, which contains basic security principles and background
      on firewalls (presented from a context of risk management), diagnostic
      tools to use in order to identify the specifics of problems, and
      cookbook type solutions to common problems.

      Part one, therefore, starts out with the general principles, and
      chapter one, as well as the outline of the book, presents some of
      these conceptual details. The risk management that is outlined in
      chapter two is mostly structured on project management and process.
      Utilities to manage and maintain bastion security for firewall
      machines are noted in chapter three. A troubleshooting methodology is
      suggested in chapter four.

      Part two examines tools and internals in regard to investigation of
      issues. Chapter five looks at the OSI (Open Systems Interconnection)
      model. This is mostly in terms of details of the various protocols,
      but there is a quick run-through of items to check in the different
      layers of the OSI stack. Flowcharts of netfilter and iptables
      utilities, provided in chapter six, can assist in demonstrating how
      the processes work, and so how to find out when they don't. The rules
      for iptables are discussed in chapter seven (and I am delighted to see
      some attention paid to egress filtering). Basic utilities are
      mentioned in chapter eight, and specific diagnostic tools in nine.

      Part three, although entitled diagnostics, is the "how to" cookbook
      section. A variety of situations and functions, as addressed by
      different types of filters, are described as the chapters proceed
      through testing firewall rules (in chapter ten: although the material
      is basically limited to penetration testing), layer 2 filtering
      (chapter eleven), NAT (Network Address Translation) and forwarding
      (twelve), general IP (Internet Protocol) at layers 3 and 4 (thirteen),
      SMTP (Simple Mail Transfer Protocol) and email (fourteen), Web
      services (fifteen), file services (NFS and ftp, in sixteen), instant
      messaging (seventeen), DNS (Domain Name Service) and DHCP (Dynamic
      Host Configuration Protocol) (eighteen), and virtual private networks

      Within the well-defined limits set on the book by the authors, it
      fulfills all three purposes quite well. Those who need to manage and
      maintain firewalls in a Linux environment, but have limited resources
      or background, will find it quite useful.

      copyright Robert M. Slade, 2007 BKTSLNFW.RVW 20071110

      rslade@... slade@... rslade@...
      "If you do buy a computer, don't turn it on." - Richards' 2nd Law
      "Robert Slade's Guide to Computer Viruses" 0-387-94663-2
      "Viruses Revealed" 0-07-213090-3
      "Software Forensics" 0-07-142804-6
      "Dictionary of Information Security" Syngress 1-59749-115-2
      ============= for back issues:
      [Base URL] site http://victoria.tc.ca/techrev/
      CISSP refs: [Base URL]mnbksccd.htm
      PC Security: [Base URL]mnvrrvsc.htm
      Security Dict.: [Base URL]secgloss.htm
      Security Educ.: [Base URL]comseced.htm
      Book reviews: [Base URL]mnbk.htm
      [Base URL]review.htm
      Partial/recent: http://groups.yahoo.com/group/techbooks/
      Security Educ.: http://groups.yahoo.com/group/comseced/
      Review mailing list: send mail to techbooks-subscribe@egroups.com