tailieunhanh - Lesson LPI 202: Chapter 4 - Advancer Linux Netword Administration System Security
Lesson LPI 202 Chapter 4 "Advancer Linux Netword Administration System Security" give you the knowledge: Ipchains and Iptables, Configuring a router, Securing FPT Servers,. With the specialized technology your information, this is a useful reference. | System Security Chapter 07 Advanced Linux Network Administration Objectives Ipchains and Iptables Configuring a router Securing FTP servers Secure shell (OpenSSH) TCP_wrappers Security tasks What is a Firewall? A set of related programs that protects the resources of a private network from users from other networks. A mechanism for filtering network packets based on information contained within the IP header. A means of maintaining sanity. Firewall Programs Ipfwadm : Linux kernel Ipchains : Linux kernel .* Iptables : Linux kernel .* Firewalls Network Level Two Types Packet Filter Stateful Packet Inspection – SPI IPTables is Both When looking at Linux firewalls we are looking at a network level firewall. This means that the firewall looks at packets and is not an application like a proxy server. There are two types of packet filtering firewalls. A simple packet filtering firewall that compares packets to pre-defined rules and process the packets according to the rules. The second is a Stateful Packet Inspection, SPI, this is a firewall that also looks at the state of the connection. IPTables allows a Linux computer to do both types of firewalls. Filtering Information Needed IP Address (Phone Number) Port (Extension) Can Filter by Source or Destination Can Filter by State There are two pieces of information needed to filter packets: AN IP Address which acts as a phone number to call; and a port which acts like an extension. These two can be used together to filter packets as they come into the network, or go out of the network. Packet filtering firewall can filter by source or destination address or port, or a combination of IP or port / source or destination. Packet filter can also include checking the current connection state. IPTables SPI NEW ESTABLISHED RELATED INVALID Network Address Translation – NAT DNAT SNAT REDIRECT IPTables is a SPI type firewall. IPTables allows for filtering based of the state of the connection. These states are: NEW the . | System Security Chapter 07 Advanced Linux Network Administration Objectives Ipchains and Iptables Configuring a router Securing FTP servers Secure shell (OpenSSH) TCP_wrappers Security tasks What is a Firewall? A set of related programs that protects the resources of a private network from users from other networks. A mechanism for filtering network packets based on information contained within the IP header. A means of maintaining sanity. Firewall Programs Ipfwadm : Linux kernel Ipchains : Linux kernel .* Iptables : Linux kernel .* Firewalls Network Level Two Types Packet Filter Stateful Packet Inspection – SPI IPTables is Both When looking at Linux firewalls we are looking at a network level firewall. This means that the firewall looks at packets and is not an application like a proxy server. There are two types of packet filtering firewalls. A simple packet filtering firewall that compares packets to pre-defined rules and process the packets according to the rules. The
đang nạp các trang xem trước