sorted by: recent | see : popular

Content Tagged with iptables + Security

The goal of the IPP2P project is to identify peer-to-peer (P2P) data in IP traffic. For this purpose we extended the iptables/netfilter architecture by a new matching module. Thereby IPP2P integrates itself easily into existing Linux firewalls and it’s functionality can be used by adding appropriate filter rules.

Blog de seguridad con diferentes articulos sobre iptables y su integración con otras herramientas como snort, implementacion de portknocking, etc

interesting! thanks dclug.. will have to check this out for dustball

This guide will walk through the setup and installation of Debian GNU/Linux and Squid proxy. Optionally, DansGuardian may be used in addition to provide URL blacklisting and content filtering. This guide will also work in CentOS, Ubuntu Dapper and later versions of Ubuntu.

IP Masquerade is a form of Network Address Translation or NAT which NAT allows internally connected computers that do not have one or more registered Internet IP addresses to communicate to the Internet via the Linux server’s Internet IP address. The software interface which enables one to configure the kernel for IP masquerading is iptables.

The bulk of the work therefore stays in the kernel's netfilter (that's for robustness and no user-land dependency), but the control interface is integrated with the usual firewalling script.

psad is a collection of three lightweight system daemons that run on Linux machines and analyze iptables log messages to detect port scans and other suspicious traffic.