Views: 3522 | Replies: 39

[Linux E-books] "Linux Firewalls", 334-page original English edition: learning firewall technology on Linux

Posted on 2014-2-15 16:10:08
"Linux Firewalls", 334-page original English edition: learning firewall technology on Linux

Resource description / table of contents / screenshots


Acknowledgments
Foreword by Richard Bejtlich
Introduction
Chapter 1: Care and Feeding of iptables
Chapter 2: Network Layer Attacks and Defense
Chapter 3: Transport Layer Attacks and Defense
Chapter 4: Application Layer Attacks and Defense
Chapter 5: Introducing psad: The Port Scan Attack Detector
Chapter 6: psad Operations: Detecting Suspicious Traffic
Chapter 7: Advanced psad Topics: From Signature Matching to OS Fingerprinting
Chapter 8: Active Response with psad
Chapter 9: Translating Snort Rules into iptables Rules
Chapter 10: Deploying fwsnort
Chapter 11: Combining psad and fwsnort
Chapter 12: Port Knocking vs. Single Packet Authorization
Chapter 13: Introducing fwknop
Chapter 14: Visualizing iptables Logs
Appendix A: Attack Spoofing
Appendix B: A Complete fwsnort Script
Index

ACKNOWLEDGMENTS

FOREWORD by Richard Bejtlich

INTRODUCTION
Why Detect Attacks with iptables?
  What About Dedicated Network Intrusion Detection Systems?
  Defense in Depth
Prerequisites
Technical References
About the Website
Chapter Summaries

1 CARE AND FEEDING OF IPTABLES
iptables
Packet Filtering with iptables
  Tables
  Chains
  Matches
  Targets
Installing iptables
Kernel Configuration
  Essential Netfilter Compilation Options
  Finishing the Kernel Configuration
  Loadable Kernel Modules vs. Built-in Compilation and Security
Security and Minimal Compilation
Kernel Compilation and Installation
Installing the iptables Userland Binaries
Default iptables Policy
  Policy Requirements
  iptables.sh Script Preamble
  The INPUT Chain
  The OUTPUT Chain
  The FORWARD Chain
  Network Address Translation
  Activating the Policy
  iptables-save and iptables-restore
  Testing the Policy: TCP
  Testing the Policy: UDP
  Testing the Policy: ICMP
Concluding Thoughts

2 NETWORK LAYER ATTACKS AND DEFENSE
Logging Network Layer Headers with iptables
  Logging the IP Header
Network Layer Attack Definitions
Abusing the Network Layer
  Nmap ICMP Ping
  IP Spoofing
  IP Fragmentation
  Low TTL Values
  The Smurf Attack
  DDoS Attacks
  Linux Kernel IGMP Attack
Network Layer Responses
  Network Layer Filtering Response
  Network Layer Thresholding Response
  Combining Responses Across Layers

3 TRANSPORT LAYER ATTACKS AND DEFENSE
Logging Transport Layer Headers with iptables
  Logging the TCP Header
  Logging the UDP Header
Transport Layer Attack Definitions
Abusing the Transport Layer
  Port Scans
  Port Sweeps
  TCP Sequence Prediction Attacks
  SYN Floods
Transport Layer Responses
  TCP Responses
  UDP Responses
  Firewall Rules and Router ACLs

4 APPLICATION LAYER ATTACKS AND DEFENSE
Application Layer String Matching with iptables
  Observing the String Match Extension in Action
  Matching Non-Printable Application Layer Data
Application Layer Attack Definitions
Abusing the Application Layer
  Snort Signatures
  Buffer Overflow Exploits
  SQL Injection Attacks
  Gray Matter Hacking
Encryption and Application Encodings
Application Layer Responses


Posted on 2014-3-17 21:08:40
Who knows the meal on the plate; posting really is hard work!

Posted on 2014-3-28 23:18:17
Love technology, love labs, it is all at Santong IT Academy (三通IT学院)!


Posted on 2014-4-8 14:45:48
Who knows the meal on the plate; posting really is hard work!

Posted on 2016-5-15 18:44:30
This one looks good... downloading!

Posted on 2016-5-18 00:00:28

APPLICATION LAYER ATTACKS AND DEFENSE
Application Layer String Matching with iptables
  Observing the String Match Extension in Action
  Matching Non-Printable Application Layer Data
Application Layer Attack Definitions
Abusing the Application Layer
  Snort Signatures
  Buffer Overflow

Posted on 2016-6-12 20:41:37
Linux Firewalls

Posted on 2016-6-13 22:16:52
Many thanks to the original poster.

Posted on 2016-8-26 09:26:17
Come and study every day, and grow together with Santong (三通)!