The book of PF: a no-nonsense guide to the OpenBSD firewall

A solid understanding of OpenBSD's PF subsystem is a necessity for any network administrator working in a BSD environment. PF is the heart of the OpenBSD firewall but there are few quality books and resources for learning PF, which is often a difficult tool to master. This second edition of The...


Bibliographic Details
Main Author: Hansteen, Peter N. M. (-)
Format: eBook
Language: English
Published: San Francisco : No Starch Press c2011.
Edition: 2nd ed.
See on Biblioteca Universitat Ramon Llull: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627813606719
Table of Contents:
  • Foreword; Acknowledgments; Introduction; This Is Not a HOWTO; What This Book Covers; 1: Building the Network You Need; Your Network: High Performance, Low Maintenance, and Secure; Where the Packet Filter Fits In; The Rise of PF; If You Came from Elsewhere; Pointers for Linux Users; Frequently Answered Questions About PF; A Little Encouragement: A PF Haiku; 2: PF Configuration Basics; The First Step: Enabling PF; Setting Up PF on OpenBSD; Setting Up PF on FreeBSD; Setting Up PF on NetBSD; A Simple PF Rule Set: A Single, Stand-Alone Machine; A Minimal Rule Set; Testing the Rule Set
  • Slightly Stricter: Using Lists and Macros for Readability; A Stricter Baseline Rule Set; Reloading the Rule Set and Looking for Errors; Checking Your Rules; Testing the Changed Rule Set; Displaying Information About Your System; Looking Ahead; 3: Into the Real World; A Simple Gateway; Keep It Simple: Avoid the Pitfalls of in, out, and on; Network Address Translation vs. IPv6; Final Preparations: Defining Your Local Network; Setting Up a Gateway; Testing Your Rule Set; That Sad Old FTP Thing; If We Must: ftp-proxy with Redirection; Making Your Network Troubleshooting Friendly
  • Do We Let It All Through?; The Easy Way Out: The Buck Stops Here; Letting ping Through; Helping traceroute; Path MTU Discovery; Tables Make Your Life Easier; 4: Wireless Networks Made Easy; A Little IEEE 802.11 Background; MAC Address Filtering; WEP; WPA; The Right Hardware for the Task; Setting Up a Simple Wireless Network; An OpenBSD WPA Access Point; A FreeBSD WPA Access Point; The Access Point's PF Rule Set; Access Points with Three or More Interfaces; Handling IPSec, VPN Solutions; The Client Side; Guarding Your Wireless Network with authpf; A Basic Authenticating Gateway
  • Wide Open but Actually Shut; 5: Bigger or Trickier Networks; A Web Server and Mail Server on the Inside - Routable Addresses; A Degree of Separation: Introducing the DMZ; Sharing the Load: Redirecting to a Pool of Addresses; Getting Load Balancing Right with relayd; A Web Server and Mail Server on the Inside - the NAT Version; DMZ with NAT; Redirection for Load Balancing; Back to the Single NATed Network; Filtering on Interface Groups; The Power of Tags; The Bridging Firewall; Basic Bridge Setup on OpenBSD; Basic Bridge Setup on FreeBSD; Basic Bridge Setup on NetBSD; The Bridge Rule Set
  • Handling Nonroutable Addresses from Elsewhere; 6: Turning the Tables for Proactive Defense; Turning Away the Brutes; SSH Brute-Force Attacks; Setting Up an Adaptive Firewall; Tidying Your Tables with pfctl; Giving Spammers a Hard Time with spamd; Network-Level Behavior Analysis and Blacklisting; Greylisting: My Admin Told Me Not to Talk to Strangers; Tracking Your Real Mail Connections: spamlogd; Greytrapping; Managing Lists with spamdb; Detecting Out-of-Order MX Use; Handling Sites That Do Not Play Well with Greylisting; Spam-Fighting Tips; 7: Queues, Shaping, and Redundancy
  • Directing Traffic with ALTQ