Discover Firewalls News

Computer Associates to Market Learn-by-Example Firewall

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Computer Associates, a business software vendor will market a 'host-based' firewall that learns-by-example to provide better security of computers and computer networks, the company said. The firewall provides centrally managed computer security and simplifies deployment on Windows systems, the company said.

Simple Firewall Configuration Using NetFilter/iptables

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Most major Linux distributions, SuSE ones included, feature some user interface for firewall configuration. There's nothing wrong with them but I couldn't get quite the configuration I wanted and chose to create configurations manually. The iptables man pages are really a documentation of syntactical detail of the iptables command line and don't provide guidance on composition of a firewall from a series of rules. There's a lot of scattered information about iptables that can be found using your favourite search engine but none of it quite taught me what I needed to know. In the end I figured out what I needed using a Vmware virtual machine running SuSE Linux Pro 10.0. The following is offered as documentation of simple firewall configuration using iptables. Verifying that the resultant firewall adequately secures the relevant hosts is left as an exercise for the reader.

Book: Designing and Implementing Linux Firewalls and QoS using netfilter, iproute, NAT and l7-filter

data:image/svg+xml,%3Csvg%20xmlns=%22https://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Firewalls are used to protect your network from the outside world. Using a Linux firewall, you can do a lot more than just filtering packets. This book shows you how to implement Linux firewalls and Quality of Service using practical examples from very small to very large networks.

After giving us a background of network security, the book moves on to explain the basic technologies we will work with, namely netfilter, iproute2, NAT and l7-filter. These form the crux of building Linux firewalls and QOS. The later part of the book covers 5 real-world networks for which we design the security policies, build the firewall, setup the script, and verify our installation.

Providing only necessary theoretical background, the book takes a practical approach, presenting case studies and plenty of illustrative examples.