
Subject: [CISSP-D] REVIEW: "Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn
Date: Mon, 28 Jan 2008 10:58:41 -0800
BKTSLNFW.RVW   20071110

"Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn, 2005,
0-321-22723-9, U$44.99/C$64.99
%A   Michael Shinn www.gotroot.com
%A   Scott Shinn
%C   P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario  M3C 2T8
%D   2005
%G   0-321-22723-9
%I   Addison-Wesley Publishing Co.
%O   U$44.99/C$64.99 416-447-5101 fax: 416-443-0948 bkexpress@aw.com
%O  http://www.amazon.com/exec/obidos/ASIN/0321227239/robsladesinterne
  http://www.amazon.co.uk/exec/obidos/ASIN/0321227239/robsladesinte-21
%O   http://www.amazon.ca/exec/obidos/ASIN/0321227239/robsladesin03-20
%O   Audience i Tech 2 Writing 2 (see revfaq.htm for explanation)
%P   369 p.
%T   "Troubleshooting Linux Firewalls"

Even though it is contained within part one of the book itself,
chapter one is basically a preface.  It outlines the tripartite nature
of the work, which contains basic security principles and background
on firewalls (presented from a context of risk management), diagnostic
tools to use in order to identify the specifics of problems, and
cookbook type solutions to common problems.

Part one, therefore, starts out with the general principles, and
chapter one, as well as the outline of the book, presents some of
these conceptual details.  The risk management that is outlined in
chapter two is mostly structured on project management and process. 
Utilities to manage and maintain bastion security for firewall
machines are noted in chapter three.  A troubleshooting methodology is
suggested in chapter four.

Part two examines tools and internals in regard to investigation of
issues.  Chapter five looks at the OSI (Open Systems Interconnection)
model.  This is mostly in terms of details of the various protocols,
but there is a quick run-through of items to check in the different
layers of the OSI stack.  Flowcharts of netfilter and iptables
utilities, provided in chapter six, can assist in demonstrating how
the processes work, and so how to find out when they don't.  The rules
for iptables are discussed in chapter seven (and I am delighted to see
some attention paid to egress filtering).  Basic utilities are
mentioned in chapter eight, and specific diagnostic tools in nine.

Part three, although entitled diagnostics, is the "how to" cookbook
section.  A variety of situations and functions, as addressed by
different types of filters, are described as the chapters proceed
through testing firewall rules (in chapter ten: although the material
is basically limited to penetration testing), layer 2 filtering
(chapter eleven), NAT (Network Address Translation) and forwarding
(twelve), general IP (Internet Protocol) at layers 3 and 4 (thirteen),
SMTP (Simple Mail Transfer Protocol) and email (fourteen), Web
services (fifteen), file services (NFS and ftp, in sixteen), instant
messaging (seventeen), DNS (Domain Name Service) and DHCP (Dynamic
Host Configuration Protocol) (eighteen), and virtual private networks
(nineteen).

Within the well-defined limits set on the book by the authors, it
fulfills all three purposes quite well.  Those who need to manage and
maintain firewalls in a Linux environment, but have limited resources
or background, will find it quite useful.

copyright Robert M. Slade, 2007   BKTSLNFW.RVW   20071110


====================== 
rslade@isc2.org     slade@victoria.tc.ca     rslade@computercrime.org
"If you do buy a computer, don't turn it on."     - Richards' 2nd Law
"Robert Slade's Guide to Computer Viruses"              0-387-94663-2
"Viruses Revealed"                                      0-07-213090-3
"Software Forensics"                                    0-07-142804-6
"Dictionary of Information Security" Syngress           1-59749-115-2
============= for back issues:
[Base URL] site http://victoria.tc.ca/techrev/
CISSP refs:     [Base URL]mnbksccd.htm
PC Security:    [Base URL]mnvrrvsc.htm
Security Dict.: [Base URL]secgloss.htm
Security Educ.: [Base URL]comseced.htm
Book reviews:   [Base URL]mnbk.htm
                [Base URL]review.htm
Partial/recent: http://groups.yahoo.com/group/techbooks/
Security Educ.: http://groups.yahoo.com/group/comseced/
Review mailing list: send mail to techbooks-subscribe@egroups.com


 