1545| 7
|
[Linux电子书] 285页英文原版LINUX学习电子书《Designing and Implementing Linux Firewalls and |
285页英文原版LINUX学习电子书《Designing and Implementing Linux Firewalls and
资源介绍/目录/截图 Chapter 1: Networking Fundamentals 7 The OSI Model 8 OSI Layer 7: Application 9 OSI Layer 6: Presentation 9 OSI Layer 5: Session 10 OSI Layer 4: Transport 10 OSI Layer 3: Network 11 OSI Layer 2: Data Link 11 OSI Layer 1: Physical 11 OSI Functionality Example and Benefits 12 The TCP/IP Model 13 The TCP/IP Application Layer 13 The TCP/IP Transport Layer 14 The Transmission Control Protocol (TCP) 15 The User Datagram Protocol (UDP) 18 The TCP/IP Internet Layer 19 The TCP/IP Network Access Layer 22 TCP/IP Protocol Suite Summary 23 OSI versus TCP/IP 2 25 IP Addressing, IP Subnetting, and IP Supernetting 2 27 Obtaining an IP Address 28 IP Classes 29 Reserved IP Addresses 30 Public and Private IP Addresses 31 IP Subnetting 32 The Subnet Mask 33 Everything Divided in Two 34 A Different Approach 36 IP Supernetting or CIDR 36 Summary 3 39 Chapter 2: Security Threats 41 Layer 1 Security Threats 42 Layer 2 Security Threats 42 MAC Attacks 42 DHCP Attacks 43 ARP Attacks 45 STP and VLAN-Related Attacks 45 Layer 3 Security Threats 46 Packet Sniffing 47 IP Spoofing 47 Routing Protocols Attacks 48 ICMP Attacks 48 Teardrop Attacks 49 Layer 4 Security Threats 49 TCP Attacks 50 UDP Attacks 51 TCP and UDP Port Scan Attacks 51 Layer 5, 6, and 7 Security Threats 51 BIND Domain Name System (DNS) 52 Apache Web Server 52 Version Control Systems 53 Mail Transport Agents (MTA) 54 Simple Network Management Protocol (SNMP) 55 Open Secure Sockets Layer (OpenSSL) 56 Protect Running Services—General Discussion 56 Summary 62 Chapter 3: Prerequisites: netfilter and iproute2 63 netfilter/iptables 63 Iptables — Operations 67 Filtering Specifications 68 Target Specifications 70 A Basic Firewall Script—Linux as a Workstation 72 iproute2 and Traffic Control 74 Network Configuration: "ip" Tool 74 Traffic Control: tc 75 Queuing Packets 76 tc qdisc, tc class, and tc filter 80 A Real Example 82 Summary 86 Chapter 4: NAT and Packet Mangling with iptables 89 A Short Introduction to NAT and PAT (NAPT) 89 SNAT and Masquerade 92 DNAT 94 Full NAT (aka Full Cone NAT) 95 PAT or NAPT 96 NAT Using iptables 97 Setting Up the Kernel 97 The netfilter nat Table 100 SNAT with iptables 102 DNAT with iptables 105 Transparent Proxy 105 Setting Up the Script 106 Verifying the Configuration 108 A Less Normal Situation: Double NAT 109 Packet Mangling with iptables 113 The netfilter mangle Table 115 Summary 117 Chapter 5: Layer 7 Filtering 119 When to Use L7-filter 120 How Does L7-filter Work? 121 Installing L7-filter 122 Applying the Kernel Patch 122 Applying the iptables Patch 124 Protocol Definitions 125 Testing the Installation 126 L7-filter Applications 128 Filtering Application Data 128 Application Bandwidth Limiting 129 Accounting with L7-filter 131 IPP2P: A P2P Match Option 132 Installing IPP2P 132 Using IPP2P 133 IPP2P versus L7-filter 134 Summary 135 Chapter 6: Small Networks Case Studies 137 Linux as SOHO Router 137 Setting Up the Network 139 Defining the Security Policy 141 Building the Firewall 142 Setting Up the Firewall Script 146 Verifying the Firewall Configuration 147 QoS—Bandwidth Allocation 150 The QoS Script 151 Verifying the QoS Configuration 152 Linux as Router for a Typical Small to Medium Company 154 Setting Up the Router 154 Defining the Security Policy 156 A Few Words on Applications 156 Creating the Firewall Rules 158 Setting Up the Firewall Script 161 QoS—Bandwidth Allocation 163 The QoS Script 166 Summary 168 Chapter 7: Medium Networks Case Studies 169 Example 1: A Company with Remote Locations 169 The Network 170 Building the Network Configuration 172 Designing the Firewalls 175 Building the Firewalls 176 Sites B and C 176 Site A 179 Headquarters 181 Make the Network Intelligent by Adding QoS 183 Example 2: A Typical Small ISP 191 The Network 192 Building the Network Configuration 194 Designing and Implementing the Firewalls 195 The Intranet Server: 1.2.3.10 196 The Wireless Server: 1.2.3.130 200 The AAA Server: 1.2.3.1 201 The Database Server: 1.2.3.2 203 The Email Server: 1.2.3.3 205 The Web Server: 1.2.3.4 206 A Few Words on the Access Server: 1.2.3.131 208 The Core Router—First Line of Defense 208 QoS for This Network 214 QoS on the Wireless Server for Long-Range Wireless Users 216 QoS on the Intranet Server for the Internal Departments 218 QoS on the Core Router 220 Summary 22 22 4 Chapter 8: Large Networks Case Studies 22 22 5 Thinking Large, Thinking Layered Models 22 22 8 A Real Large Network Example 22 22 9 A Brief Network Overview 230 City-1 231 City-2 232 City-3 and City-4 234 The Core Network Configuration 235 Core-2 237 Core-1, Core-3, and Core-4 240 Security Threats 242 Core Routers INPUT Firewalls 242 Protecting the Networks behind the Core Routers 243 Denial of Service Attacks 245 City-1 Firewall for Business-Critical Voice Equipment 250 Securing the Voice Network 252 QoS Implementation 255 Traffic Shaping for Clients 260 Summary 2 263 Index 265
购买主题
已有 1 人购买
本主题需向作者支付 1 金币 才能浏览
| |
发表于 2014-3-17 21:16:34
|
显示全部楼层
| ||
发表于 2014-3-24 15:34:35
|
显示全部楼层
| ||
发表于 2017-9-17 09:05:58
|
显示全部楼层
| ||
发表于 2017-9-17 12:05:39
|
显示全部楼层
| ||
发表于 2017-9-17 19:24:48
|
显示全部楼层
| ||
发表于 2018-2-2 16:10:16
|
显示全部楼层
| ||
发表于 2018-2-2 16:30:45
|
显示全部楼层
| ||