BKTSLNFW.RVW 20071110 "Troubleshooting Linux Firewalls", Michael Shinn/Scott Shinn, 2005, 0-321-22723-9, U$44.99/C$64.99 %A Michael Shinn www.gotroot.com %A Scott Shinn %C P.O. Box 520, 26 Prince Andrew Place, Don Mills, Ontario M3C 2T8 %D 2005 %G 0-321-22723-9 %I Addison-Wesley Publishing Co. %O U$44.99/C$64.99 416-447-5101 fax: 416-443-0948 bkexpress@aw.com %O http://www.amazon.com/exec/obidos/ASIN/0321227239/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/0321227239/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/0321227239/robsladesin03-20 %O Audience i Tech 2 Writing 2 (see revfaq.htm for explanation) %P 369 p. %T "Troubleshooting Linux Firewalls" Even though it is contained within part one of the book itself, chapter one is basically a preface. It outlines the tripartite nature of the work, which contains basic security principles and background on firewalls (presented from a context of risk management), diagnostic tools to use in order to identify the specifics of problems, and cookbook type solutions to common problems. Part one, therefore, starts out with the general principles, and chapter one, as well as the outline of the book, presents some of these conceptual details. The risk management that is outlined in chapter two is mostly structured on project management and process. Utilities to manage and maintain bastion security for firewall machines are noted in chapter three. A troubleshooting methodology is suggested in chapter four. Part two examines tools and internals in regard to investigation of issues. Chapter five looks at the OSI (Open Systems Interconnection) model. This is mostly in terms of details of the various protocols, but there is a quick run-through of items to check in the different layers of the OSI stack. Flowcharts of netfilter and iptables utilities, provided in chapter six, can assist in demonstrating how the processes work, and so how to find out when they don't. The rules for iptables are discussed in chapter seven (and I am delighted to see some attention paid to egress filtering). Basic utilities are mentioned in chapter eight, and specific diagnostic tools in nine. Part three, although entitled diagnostics, is the "how to" cookbook section. A variety of situations and functions, as addressed by different types of filters, are described as the chapters proceed through testing firewall rules (in chapter ten: although the material is basically limited to penetration testing), layer 2 filtering (chapter eleven), NAT (Network Address Translation) and forwarding (twelve), general IP (Internet Protocol) at layers 3 and 4 (thirteen), SMTP (Simple Mail Transfer Protocol) and email (fourteen), Web services (fifteen), file services (NFS and ftp, in sixteen), instant messaging (seventeen), DNS (Domain Name Service) and DHCP (Dynamic Host Configuration Protocol) (eighteen), and virtual private networks (nineteen). Within the well-defined limits set on the book by the authors, it fulfills all three purposes quite well. Those who need to manage and maintain firewalls in a Linux environment, but have limited resources or background, will find it quite useful. copyright Robert M. Slade, 2007 BKTSLNFW.RVW 20071110