REVIEW: "Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn
- BKTSLNFW.RVW 20071110
"Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn, 2005,
%A Michael Shinn www.gotroot.com
%A Scott Shinn
%C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8
%I Addison-Wesley Publishing Co.
%O U$44.99/C$64.99 416-447-5101 fax: 416-443-0948 bkexpress@...
%O Audience i Tech 2 Writing 2 (see revfaq.htm for explanation)
%P 369 p.
%T "Troubleshooting Linux Firewalls"
Even though it is contained within part one of the book itself,
chapter one is basically a preface. It outlines the tripartite nature
of the work, which contains basic security principles and background
on firewalls (presented from a context of risk management), diagnostic
tools to use in order to identify the specifics of problems, and
cookbook type solutions to common problems.
Part one, therefore, starts out with the general principles, and
chapter one, as well as the outline of the book, presents some of
these conceptual details. The risk management that is outlined in
chapter two is mostly structured on project management and process.
Utilities to manage and maintain bastion security for firewall
machines are noted in chapter three. A troubleshooting methodology is
suggested in chapter four.
Part two examines tools and internals in regard to investigation of
issues. Chapter five looks at the OSI (Open Systems Interconnection)
model. This is mostly in terms of details of the various protocols,
but there is a quick run-through of items to check in the different
layers of the OSI stack. Flowcharts of netfilter and iptables
utilities, provided in chapter six, can assist in demonstrating how
the processes work, and so how to find out when they don't. The rules
for iptables are discussed in chapter seven (and I am delighted to see
some attention paid to egress filtering). Basic utilities are
mentioned in chapter eight, and specific diagnostic tools in nine.
Part three, although entitled diagnostics, is the "how to" cookbook
section. A variety of situations and functions, as addressed by
different types of filters, are described as the chapters proceed
through testing firewall rules (in chapter ten: although the material
is basically limited to penetration testing), layer 2 filtering
(chapter eleven), NAT (Network Address Translation) and forwarding
(twelve), general IP (Internet Protocol) at layers 3 and 4 (thirteen),
SMTP (Simple Mail Transfer Protocol) and email (fourteen), Web
services (fifteen), file services (NFS and ftp, in sixteen), instant
messaging (seventeen), DNS (Domain Name Service) and DHCP (Dynamic
Host Configuration Protocol) (eighteen), and virtual private networks
Within the well-defined limits set on the book by the authors, it
fulfills all three purposes quite well. Those who need to manage and
maintain firewalls in a Linux environment, but have limited resources
or background, will find it quite useful.
copyright Robert M. Slade, 2007 BKTSLNFW.RVW 20071110
rslade@... slade@... rslade@...
"If you do buy a computer, don't turn it on." - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses" 0-387-94663-2
"Viruses Revealed" 0-07-213090-3
"Software Forensics" 0-07-142804-6
"Dictionary of Information Security" Syngress 1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs: [Base URL]mnbksccd.htm
PC Security: [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews: [Base URL]mnbk.htm
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to firstname.lastname@example.org