Order (or just read more about) Linux Firewalls from Amazon.com
Although the introduction says "This book assumes some familiarity with TCP/IP networking concepts", it actually requires a pretty fair familiarity. Do not make the mistake of assuming that this is some cookie cutter approach that's going to teach you a bit about iptables and give you some scripts you can slap into place and forget. There are books that do that, but this isn't one.
The subtitle is "Attack Detection and Response with iptables, psad and fwsnort". Michael Rash is the author of psad, fwknop, and fwsnort among other things, so you can trust he knows what he's talking about here.
This is much more about learning how attackers try to get in and developing the countermeasures to keep them out. As everyone keeps reminding you, security is a journey, not a destination: you never get to "secure", you just work at it incessantly.
As such, this is a good book - I'm not sure it's a "great book" as the foreword proclaims, but then I'm probably too stingy with my superlatives. It's also possible that I'm simply not well versed enough in this area to appreciate greatness when it falls into my grubby little hands.
Nevertheless, I enjoyed this, and if you do know enough about networking to do a bit more than set your box to "Obtain an IP address automatically", you might enjoy it also. Michael Rash is the developer of the Dragon IDS and you'll find his website at https://www.cipherdyne.org/.
Tony Lawrence 2007-10-31 Rating:
Got something to add? Send me email.
More Articles by Anthony Lawrence © 2011-04-28 Anthony Lawrence
Zawinski's Law: Every program attempts to expand until it can read mail. Those programs which cannot so expand are replaced by ones which can. (Jamie Zawinski)