Book Review: Linux Firewalls - Attack Detection and Response with iptables, psad, and fwsnort

Working in a university environment, one gets used to doing more with less. Security, particularly, seems to never get the budget it deserves though it has increased in recent years. For all their limitations, open-source tools are the vital lifeblood that makes IT work, and work securely, in academia.

Using Netfilter (commonly called iptables) for the firewalls has managed to reduce costs while still providing stable and secure service to the users. However, for some time we've been looking to get more out of our firewalls to enhance the security and data reporting from the firewalls. The syslogs are all fine and good, but no one is seriously going to review them without some application doing the heavy lifting of making the data presentable.

Linux Firewalls, in this regard, is a great resource. It provided insight and helpful information into additional tools to get the most out of iptables and to add in additional functionality. The book covers basic iptables fundamentals and then covers the additional applications of psad, fwsnort, fwknop and data visualization of firewall logs.
