Linux has become very popular in the IT industry because of its robustness, reliability, flexibility, and seemingly unlimited customization. Linux has many built-in capabilities that allow developers to customize their tools, behaviors, and appearances to their own needs, without expensive third-party tools. One such built-in capability, for a Linux system connected to the Internet or a LAN, or for a server or proxy server connected to both the LAN and the Internet, is configuring a firewall for the system on the network. This capability is provided by the netfilter/iptables IP packet filtering system, which is integrated in the Linux Kernel 2.4.x.
Among Linux packet filtering solutions such as ipfwadm and ipchains, the netfilter/iptables IP packet filtering system is the latest solution, and it is also the first solution integrated into the Linux kernel. For Linux system administrators, network administrators, and home users who want to configure the firewall to their specific needs, save costs on a firewall solution, and have full control over IP packet filtering, the netfilter/iptables system is ideal.
Download link: http://down.51cto.com/data/148129
Understand firewall configuration and packet filtering
For Linux systems connected to a network, the firewall is an essential defense mechanism. It allows only valid network traffic to access the system and prohibits all other network traffic. To determine whether network traffic is valid, the firewall relies on a set of rules predefined by the network or system administrator. These rules tell the firewall whether traffic is valid and what to do with network traffic from a given source, to a given destination, or of a certain protocol type. The term "configuring the firewall" refers to adding, modifying, and removing these rules. I will discuss these rules in detail later.
Network traffic is composed of IP packets, small pieces of data transmitted from the source system to the destination system in the form of streams. These packets have headers, that is, data bits attached to each packet that contain information about the packet's source, destination, and protocol type. The firewall checks these headers against a set of rules to determine which packets to accept and which to reject. This process is called packet filtering.
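The header check described above can be modeled in a few lines. This is an added example, not code from the original article or from netfilter/iptables: it parses the source, destination, protocol, and destination port out of a raw IPv4 packet and applies a first-match rule list with a default policy. The function names, the rule format, and the sample addresses are assumptions made for illustration.

```python
import ipaddress
import struct

def parse_headers(packet: bytes) -> dict:
    """Extract the header fields a filter rule matches on from a raw IPv4 packet."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4  # IP header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = packet[9]
    fields = {
        "src": ipaddress.ip_address(packet[12:16]),
        "dst": ipaddress.ip_address(packet[16:20]),
        "proto": {1: "icmp", 6: "tcp", 17: "udp"}.get(proto, str(proto)),
        "dport": None,
    }
    # TCP and UDP carry the destination port in bytes 2-3 of their own header.
    if proto in (6, 17) and len(packet) >= ihl + 4:
        fields["dport"] = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
    return fields

def filter_packet(packet: bytes, rules: list, policy: str = "DROP") -> str:
    """Return the verdict of the first matching rule, else the default policy."""
    try:
        hdr = parse_headers(packet)
    except ValueError:
        return "DROP"  # malformed headers are never accepted
    for rule in rules:
        if "src" in rule and hdr["src"] not in ipaddress.ip_network(rule["src"]):
            continue
        if "proto" in rule and hdr["proto"] != rule["proto"]:
            continue
        if "dport" in rule and hdr["dport"] != rule["dport"]:
            continue
        return rule["verdict"]
    return policy

def make_packet(src: str, dst: str, proto: int, dport: int) -> bytes:
    """Constructed sample input: 20-byte IPv4 header plus source/destination ports."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                     ipaddress.ip_address(src).packed, ipaddress.ip_address(dst).packed)
    return ip + struct.pack("!HH", 40000, dport)

# Constructed rule set (documentation addresses); the first match decides.
RULES = [
    {"proto": "tcp", "dport": 23, "verdict": "DROP"},  # block Telnet from anywhere
    {"src": "192.0.2.0/24", "proto": "tcp", "dport": 22, "verdict": "ACCEPT"},
]
```

Because evaluation stops at the first match, the Telnet rule drops port 23 traffic even from the trusted network, and anything no rule matches falls through to the default policy.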
Why do I need to configure my own firewall?
There are various reasons to configure the firewall according to your own specific requirements. Perhaps the most important reason is security.
Administrators may want their firewalls to prevent unauthorized sources from accessing their Linux systems, for example through Telnet. They may also want to limit the network traffic in and out of their systems so that only traffic from trusted sources can reach their systems and only authorized traffic can go out. Home users may configure the firewall to a lower security level by allowing all outbound packets to pass.
Another reason is to save bandwidth by blocking excessive traffic from sources such as ad sites.
You can therefore customize the firewall configuration to meet any specific need and any security level requirement. This is where the netfilter/iptables system comes in.