Michael Rash, the author behind "Linux Firewalls" chimes in about his background, his distro of choice, the current state of Linux security and much, much more.

He covers many issues and provides a lot of insight into security and Linux:

Question: What is the most interesting fact you've become aware of while researching for this book?

Intrusion detection systems and firewalls commonly offer the ability to tear down TCP connections by forging a RST packets, but the specifics of how this is done varies quite a bit across different IDS and firewall implementations. The most interesting fact I stumbled across during my research concerns differences in the handling of the ACK control bit on RST packets. For example,

The link for this article located at Net-Security.org is no longer available.