Compare to other books about iptables, it focus on detection and response an attack using iptables under Linux, while most other linux firewalls books introducing how to use iptables.
Some tools using in this book:
- iptables: firewall tool part of Linux kernel since 2001.
- psad: An iptables log analyzer and active response tool.
- fwsnort: A script that translates Snort rules into equivalent iptables rules.
- fwknop: An implementation of Single Packet Authorization (SPA) for iptables.
iptables vs. Netfilter
iptables uses the Netfilter framework to hook functions designed to perform operations on packets into networking stack. Netfilter is providing the framework on which iptables builds firewall functionality.
Attack Detection and Response with Iptables, Psad, and Fwsnort
By Michael Rash · 2007
Publisher:No Starch Press