Paranoid Penguin - Linux Firewalls for Everyone
A couple years ago, Linux Journal named iptables its Security Tool of the year. It really is a remarkable achievement. If you're serious about network security, you'll want to explore iptables' power in much greater detail than we've done in this article, starting with the iptables(8) man page and progressing through the how-tos available on the Netfilter home page (see Resources).
Whether you use iptables to protect your laptop or your entire enterprise network, I hope you've found this introduction useful. Be safe!
The Netfilter home page, where you can find the most current iptables-related how-tos: www.netfilter.org
Home page for Firewall Builder, an object-oriented GUI for generating and managing rules for several different types of firewalls, including iptables: www.fwbuilder.org
The Shorewall (Shoreline Firewall) home page: www.shorewall.net
Suehring, S., and Ziegler, R. Linux Firewalls, 3rd edition. Upper Saddle River, NJ: Novell Press, 2005.
Home page for Firestarter, an iptables GUI: www.fs-security.com
Home page for the Guarddog iptables GUI: www.simonzone.com/software/guarddog
Mick Bauer (firstname.lastname@example.org) is Network Security Architect for one of the US's largest banks. He is the author of the O'Reilly book Linux Server Security, 2nd edition (formerly called Building Secure Servers With Linux), an occasional presenter at information security conferences and composer of the “Network Engineering Polka”.
|September 2015 Issue of Linux Journal: HOW-TOs||Sep 01, 2015|
|September 2015 Video Preview||Sep 01, 2015|
|Using tshark to Watch and Inspect Network Traffic||Aug 31, 2015|
|Where's That Pesky Hidden Word?||Aug 28, 2015|
|A Project to Guarantee Better Security for Open-Source Projects||Aug 27, 2015|
|Concerning Containers' Connections: on Docker Networking||Aug 26, 2015|
- Optimization in GCC
- Using tshark to Watch and Inspect Network Traffic
- September 2015 Issue of Linux Journal: HOW-TOs
- Problems with Ubuntu's Software Center and How Canonical Plans to Fix Them
- Concerning Containers' Connections: on Docker Networking
- A Project to Guarantee Better Security for Open-Source Projects
- Firefox Security Exploit Targets Linux Users and Web Developers
- Where's That Pesky Hidden Word?
- My Network Go-Bag
- Doing Astronomy with Python