Monday, April 04, 2011
Anu
I seem to work best at night, it’s dark out, and generally quite dark inside too; there is more bandwidth because it is off peek, and in general there is nobody coming over or phoning and interrupting me. Incidentally, its also when I do the majority of my reading, at home; in bed, at night. Much more pleasant that way…
PSAD
Linux Firewalls takes you right from the very start of how iptables works to manually porting Snort rules over to iptables for detection, and in my humble opinion, it does a damn good job of it. In fact, it done such a good job of it, I have used the reference firewall scripts and PSAD configurations to install and configure iptables and PSAD on my new VPS, which I will hopefully be moving some of my sites to.
Some of the things you should probably have already if you want to get the best out of Linux Firewalls is…
- A comfortable familiarity with the distribution of Linux you wish to use.
- Basic understanding of how networks communicate.
- Reasonable understanding of how TCP works (ie. the three way handshake)
- Reasonable understanding of how UDP works
- A system to test this stuff on, if you don’t have a system to test this stuff out on, you could always set up a few virtual machines using VirtualBox or VMWare.
- A will to learn about this kind of stuff
Missing any one of these things (except the will to learn, thats pretty important) probably isn’t going to be a huge deal, but if your missing a lot of them, you might struggle a bit with some of the concepts.
#!/bin/sh #Port and IP addresses changed to protect the innocent. IPTABLES=/sbin/iptables MODPROBE=/sbin/modprobe ### Flush existing rules and settings. Set to default drop. echo "[+] Flushing existing iptables rules..." $IPTABLES -F $IPTABLES -X #$IPTABLES -t nat -F CLICK HERE TO DOWNLOAD FULL SCRIPT (1.82KB)
Thanks...
Posted in
0 comments:
Post a Comment