Ebook: Linux firewalls attack detection and response with iptables, psad, and fwsnort

Linux firewalls provide capabilities that rival commercial firewalls, and are built upon the powerful Netfilter infrastructure in the Linux kernel. Linux Firewalls: Attack Detection and Response explores using Netfilter as an intrusion detection system (IDS) by combining it with Snort rulesets and custom open source software created by the author. Providing concrete examples to illustrate concepts, the book discusses Linux firewall log analysis and policies, passive network authentication and authorization, exploit packet traces and Snort ruleset emulation, and more. Perl and C code snippets are included to help readers maximize the deployment of Linux firewalls as effective mechanisms for the detection and prevention of various network-based attacks.