REVIEW - Linux Firewalls


Linux Firewalls


Robert Loren Ziegler, Carl B. Constantine




Que (1999)




Mike Ellis


December 2001



Both firewalling and Linux are hot topics at the moment, so this book is a sure winner, right? Well, right and wrong. Best practice in both firewalling and Linux is moving forward so rapidly that anything written on paper has a habit of going out of date quickly. Robert Ziegler has tried to keep his writing as up to date as possible and covers both ipchains and ipforward style Linux firewalls. Unfortunately, when the book was written, the netfilter modules now used by almost all distributions of Linux were not available and so are not mentioned in this book. This is not such a great disadvantage, however, since netfilter incorporates backward compatibility with both ipchains and ipforward.

To his great credit, Mr Ziegler has managed to write a technical book that can be read both as a 'copy-by-rote' guide and as a tutorial on how to design your own firewall. For those interested enough, there is plenty of background information on the hows and whys, while for the less interested there are scripts that can be simply copied (or downloaded) and used. As with most things, however, understanding will allow the scripts to be modified to cope with new threats to your network as they become apparent.

Linux Firewalls makes no assumptions about which version of Linux you're using beyond the use of kernel 2.x. Since all of the popular distributions have used 2.0 or greater kernels for several years now, this is a fair assumption to make.

Robert has taken pains to point out that a firewall is only the first line of defence in any computer network, and that regular security sweeps using tools such as tripwire, as well as dynamic port protection such as portsentry, are also vital to securing your network.

Overall a very good book, but because of the subject area, one with a relatively short lifetime unless updated regularly. Recommended with reservations (becoming out-of-date).
