Unix and Linux Security: An Introduction — Packet Filters,
Firewalls and ACLs
In this section we consider:
- host-based packet filters and (stateful) firewalls, such as
IPTables (Linux) and IPFilter (Solaris);
- router-based access-control lists (ACLs);
and we look at some particular examples:
- dealing with RPC-based services — which do not operate with fixed
ports;
- firewalls which are default-deny outward and inward too —
pinhole/pinprick firewalls;
- and practical steps to building a firewall on a production system, i.e.,
a system that is already in service.