cipherdyne.org

Michael Rash, Security Researcher



Chapter 3: Transport Layer Attacks and Defense

The transport layer is the realm of server reconnaissance with port scans and sweeps, and this chapter examines the inner workings of these methods. The iptables logging format is well suited to representing transport layer header information, and this is useful for detecting all sorts of mischief.

The figures below represent the completeness of the iptables logging format for TCP and UDP headers, and are discussed in Chapter 3.

iptables LOG Coverage of the TCP Header:

[Figure: iptables LOG message coverage of the TCP header]

iptables LOG Coverage of the UDP Header:

[Figure: iptables LOG message coverage of the UDP header]
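
As an added example (not code from the book or from cipherdyne.org), the Python below parses the TCP and UDP header fields that the iptables LOG target writes and uses them to flag sources probing several ports. The sample log lines, the "DROP" log prefix and the three-port threshold are constructed assumptions.

```python
import re
from collections import defaultdict

TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
HDR = ("IN=eth0 OUT= SRC={} DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 "
       "TTL=63 ID=4021 DF PROTO={} ")
# Constructed sample lines (documentation address ranges), as a default-drop
# LOG rule might write them; the first has --log-tcp-sequence and
# --log-tcp-options enabled.
SAMPLE = [
    "Jul 11 20:29:35 fw kernel: DROP " + HDR.format("192.0.2.10", "TCP")
    + "SPT=40112 DPT=22 SEQ=2871231 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT (020405B4)",
    "Jul 11 20:29:35 fw kernel: DROP " + HDR.format("192.0.2.10", "TCP")
    + "SPT=40113 DPT=23 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Jul 11 20:29:36 fw kernel: DROP " + HDR.format("192.0.2.10", "TCP")
    + "SPT=40114 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Jul 11 20:29:37 fw kernel: DROP " + HDR.format("192.0.2.10", "TCP")
    + "SPT=40115 DPT=443 WINDOW=5840 RES=0x00 ACK PSH URGP=0",
    "Jul 11 20:29:38 fw kernel: DROP " + HDR.format("203.0.113.7", "UDP")
    + "SPT=5353 DPT=53 LEN=40",
]

def parse_transport(line):
    """Return the transport header fields of one iptables LOG line, or None."""
    src = re.search(r"\bSRC=(\S+)", line)
    m = re.search(r"\bPROTO=(TCP|UDP)\s+(.*)", line)
    if not (src and m):
        return None
    rec = {"src": src.group(1), "proto": m.group(1), "flags": set()}
    # Only tokens after PROTO= belong to the TCP/UDP header; the earlier LEN= is the IP length.
    for tok in m.group(2).split():
        key, sep, val = tok.partition("=")
        if sep:
            rec[key.lower()] = val          # SPT, DPT, SEQ, ACK, WINDOW, RES, URGP, UDP LEN
        elif tok in TCP_FLAGS and rec["proto"] == "TCP":
            rec["flags"].add(tok)           # bare tokens are TCP flag names
        elif tok.startswith("("):
            rec["opt"] = tok.strip("()")    # raw TCP options as hex
    return rec

def scan_candidates(lines, min_ports=3):
    """Map (source, protocol) to the ports probed by bare SYNs or UDP datagrams."""
    ports = defaultdict(set)
    for rec in filter(None, map(parse_transport, lines)):
        if "dpt" in rec and (rec["proto"] == "UDP" or rec["flags"] == {"SYN"}):
            ports[(rec["src"], rec["proto"])].add(int(rec["dpt"]))
    return {k: sorted(v) for k, v in ports.items() if len(v) >= min_ports}
```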