لطفا منتظر باشید ...
Chapter 7. TCP/IP Firewall
Security is increasingly important for
companies and individuals alike. The Internet provides them with a
powerful tool to distribute information about themselves and obtain
information from others, but it also exposes them to dangers from
which they were previously exempt. Computer crime, information theft,
and malicious damage are all potential dangers.This chapter covers the Linux features for setting up a firewall,
known both by its command interface (iptables) and its kernel subsystem name
(netfilter). This firewall implementation was
new in the 2.4 kernel and works substantially the same way in 2.6.A malicious person who gains access to a computer system may guess
system passwords or exploit the bugs and idiosyncratic behavior of
certain programs to obtain a working account on that host. Once they
are able to log in to the host, they may have access to sensitive
information. In a commercial setting, stealing, deleting, or
modifying information such as marketing plans, new project details,
or customer information databases can cause significant damage to the
company.The safest way to avoid such widespread
damage is to prevent unauthorized people from gaining network access
to the host. This is where firewalls come in.
|
Later we will present a sample firewall configuration that should
serve as a useful starting point in your own configuration, but as
with all security-related matters, you'll want to
make sure that you understand the information well enough to
customize it to suit your needs and verify that the result is
sufficient. Double-check the design, make sure that you understand
it, and then modify it to suit your requirements. To be safe, be
sure.
