Firewall Resources

Firewalling and system/network security is a huge subject. Table 11-3 shows some of the more useful sites and information that you can use to quickly get up to speed on the various topics in this chapter, as well as keep an eye on the industry and the latest security vulnerabilities and exploits by joining the included security mail lists.

Table 11-3: Firewall Resources

*TCP/IP resources*
Daryl's TCP/IP Primer	www.ipprimer.com/section.cfm
TCP: RFC793	www.faqs.org/rfcs/rfc793.html
IP: RFC791	www.faqs.org/rfcs/rfc791.html
Linux Firewall and Proxy Server HOWTO	www.tldp.org/HOWTO/Firewall-HOWTO.html

*TCP wrapper resources*
Red Hat Enterprise Linux Reference Guide	www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/ch-tcpwrappers.html

*Iptables resources*
Red Hat Enterprise Linux Reference Guide	www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/ch-iptables.html
IP tables/IP Masquerading	http://mia.ece.uic.edu/~papers/WWW/iptables.html www.e-infomax.com/ipmasq/howto/m-html/ipmasq-HOWTO-m.html
Packet Filtering HOWTO	www.netfilter.org/documentation/HOWTO/packet-filtering-HOWTO.html
Iptables quick HOWTO	www.cse.msu.edu/~minutsil/iptables.html
Linux 2.4 NAT HOWTO	www.netfilter.org/documentation/HOWTO/NAT-HOWTO.html
Netfilter Extensions HOWTO	www.netfilter.org/documentation/HOWTO/netfilter-extensions-HOWTO.html

*Firewall resources*
Advanced policy firewall suite	www.r-fx.org/apf.php
iptables tables and chains	www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html
Internet firewall FAQ	www.interhack.net/pubs/fwfaq/

*Other resources*
Red Hat Enterprise Linux Security Guide	www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/security-guide/ch-server.html
"Paranoid Penguin: Seven Top Security Tools"	www.linuxjournal.com/article.php?sid=7235
RFC 2647-Benchmarking Terminology for Firewall Performance	www.faqs.org/rfcs/rfc2647.html
Red Hat Linux 9 Firewalls	www.redhat.com/docs/manuals/linux/RHL-9-Manual/custom-guide/sl-basic-firewall-gnomelokkit.html
RFC 2647-Benchmarking Terminology for Firewall Performance	www.faqs.org/rfcs/rfc2647.html
Sentry Tools Project (includes portsentry)	http://sourceforge.net/projects/sentrytools/
Daryl's TCP/IP Primer, Network Address Translation (NAT)	www.ipprimer.com/nat.cfm
"Battling hackers," Jim DeBrosse	www.crime-research.org/eng/news/2003/03/Mess1603.html
Good security mail lists for sys-admins to join	CERT: www.cert.org/contact_cert/certmaillist.html SecurityFocus: www.securityfocus.com/cgi-bin/forums.pl NTBugTraq: www.ntbugtraq.com Xforce: xforce.iss.net/maillists/index.php