cipherdyne.org

Michael Rash, Security Researcher



Slashdot review of Linux Firewalls

Slashdot review of Linux Firewalls For the first post to the Cipherdyne blog for 2008 and for anyone who reads this blog but doesn't read Slashdot (ok, so maybe there are two of you), the Linux Firewalls: Attack Detection and Response book was reviewed on Slashdot by David Martinjak. David gave the book a rating of 9 out of a possible 10, and had some great things to say about it such as the following quotes:

   The chapters about iptables packet filtering are crucial for any reader new to networking or firewall administration. Experienced users might pick up a tip or two, as well. Linux Firewalls contained a wealth of knowledge about packet structure in addition to a solid explanation of iptables usage. I was rather impressed by the variety of information presented in the early chapters. The book of course detailed the syntax and logistics of iptables, but also provided detailed examples of attacks at the network, transport, and application layers.

There were no real disappointments with this book. The reading did get a bit tedious at times with regard to configuration specifics, but it was only due to the depth of helpful explanation. Had I been working with the applications while reading (instead of just reading), the content would have been much more relevant. In the end, however, the variety resulted in a rather impressive and enjoyable book. The coverage of psad, fwsnort, and fwknop were welcomed additions. Each of the central topics were thoroughly explained in an informative, yet engaging manner. Essentially, I did not want to stop reading.


There was also a favorable review of the book in Free Software Magazine.