Michael Rash, Security Researcher

Linux Firewalls Book Cover

Linux Firewalls Cover No Starch Press has created a clever piece of cover art for my upcoming book Linux Firewalls: Attack Detection and Response. The book should be available in early to mid 2007, and discusses intrusion detection and response with iptables firewalls, including significant coverage of both psad and fwsnort. One chapter will also cover visualizing iptables logs, with particular emphasis on the Scan30 and Scan34 challenges from the Honeynet Project. Iptables log visualization is made possible by combining the new --CSV-* options available in psad-2.0 with the AfterGlow project. In addition, two chapters deal with the rise of port knocking and Single Packet Authorization, particularly with fwknop.