Linux Firewalls

ISBN  0-7357-0900-9 £28.99  UK
Robert L. Ziegler
  8 Chapters, 3 appendices and index in 470 pages

One of my two lifelong best friends died while the book was being written.  To Gloria Frawley, who across the lifetimes has been friend, lover, brother, sister, parent, child, husband, wife.  UNtil we walk together again, thank you for the purest, most trusting, nonjudgemental love I've ever known, and for the best playmate I could ever hope for.

Chapter List

            Introduction

1  Preliminary Concepts Underlying Packet-Filtering Firewalls
2  Packet-Filtering Concepts
3  Building and Installing a Firewall
4  LAN Issues, Multiple Firewalls, and Perimeter Networks
5  Debugging the Firewall Rules
6  Verifying that the System is Running as You Expect
7  Issues at the UNIX System Administration Level
8  Intrusion Detection and Incident Reporting
Appendix A
  Security Resources
Appendix B
  Firewall Examples and Support Scripts
Appendix C
  Glossary
Synopsis

        Firewall and network security are not the things that most people get to know about.  However, the home LAN is becoming more common and the small business user is also more interested in security concepts than they once were.  GNU/Linux offers several built in security applications that can be used before considering buying in more expensive security applications.

Review

The author is Robert L. Zeigler.   There was a time when he was more interested in languages and philosophy.  Later on in life he took a masters degree this time in computer science.  Later on he developed a multiprocessor version of BSD 4.3 Unix as a side project to the uniprocessor project that he was working on with a team of technical experts.   He is now a principle engineer with Nokia.  He spends his waking hours designing firewall products for Nokia's Ipsilon products.

 Before I read this book I had configured and used several home LANs to work with IPCHAINS.  I found that it was reliable for small business use although I felt that larger businesses might need something that was more along the lines of increased paranoia.   I found that GNU/Linux Firewalls introduced me to some more concepts that I didn't know about.  If you have read anything about network or internet security then you will know that properly formed knowledge and being well informed are all important.  Know your enemy comes out of every page of the book :)

The first chapter is useful in that it explains a few basic concepts and also the confusing terminology that most people confront when they first try to understand firewalls and security concepts.  Chapter two then goes on to explain packet filtering concepts.  This is very useful since I find that Linux User Groups and even business users confuse each other with misleading and conflicting ideas all of the time.  At chapter three we finally get to the meaty bit.  Building and installing a firewall.  There's quite a bit of detailed explanation here.  Probably a bit too much for the first time user and there might be not quite enough for the advanced user.  Verification of correctly configured options is at chapter six.  This is extremely useful and might even help the advanced user.

All in all the entire book fills a small gap in the GNU/Linux security market.  It's very helpful in the right places and does point the reader towards issues that are not too well understood and what to read next.
 

Review by  Richard Ibbotson