SunScreen 3.1 Lite Post: 7835

Sponsored Content

Special Forums Cybersecurity SunScreen 3.1 Lite Post 7835 by loadc on Tuesday 2nd of October 2001 02:59:46 PM

10-02-2001

Registered User

Wiley it is, then...

Yeah, I'd look for the Wiley book, that's the best "Get it up an running" book I've read off hand. I got it at B&N, there are a numbe ro fothers, and I'd be willing to bet that there is an excellent O'Reilly book for this, but I just didn't have the cash for the O'Reilly. I'd also get on the firewalls mailing list if you are going to be spending any serious amount of time on this little monster. They are a HUGE help and are usually very cordial to newbies. Depending upon what you want to do and what platform you choose there are other lists and such that concentrate strictly on walls from a specific discipline, I know there are bsd specific and Linux specific lists.
I'd also put some time into an IDS, your firewall is a good start, but your IDS can really be a life saver in the event of a break in, or just any sort of strangeness, we used Snort to find and root out the worm infected Win systems where I work.
I know this sounds like a mountain, and there is a lot ot take in when you start, but it's do-able, no doubt that I've seen some pretty non-technical people put together a reasonable firewall and security setup with just a bit of help and a lot of reading.

HTH,

loadc

loadc

View Public Profile for loadc

Find all posts by loadc

3 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

sunscreen 3.0

Dear Guys , Can anyone advise me , how can i configuer this firewall ( SunScreen 3.0 ) . i need basic steps and advises . or if there is a link that i can find the steps how to configuer it . thx

2. UNIX and Linux Applications

SQL Lite query

Hello Everyone, I am looking to write a script that will run on many machines in a network at the same time. They need to write a result to a common location. I plan to use a SQLlite database as this common writing point. But the concern I have is how SQLlite will react to multiple writes that...

3. Shell Programming and Scripting

ambigouity on using Mime::Lite?

Hi Everyone, I have a question related to using MIME::Lite module in perl.Below i mentioned code blocks used for sending mail through MIME::Lite. $msg = MIME::Lite -> new ( From => $from, To => $to, Subject...

LEARN ABOUT REDHAT

tc-fw

Firewall mark classifier in tc(8)				       Linux					 Firewall mark classifier in tc(8)

NAME

       fw - fwmark traffic control filter

SYNOPSIS

       tc filter ... fw [ classid CLASSID ] [ action ACTION_SPEC ]

DESCRIPTION

       the fw filter allows to classify packets based on a previously set fwmark by iptables.  If it is identical to the filter's handle, the fil-
       ter matches.  iptables allows to mark single packets with the MARK target, or whole connections using CONNMARK.	The benefit of using  this
       filter  instead of doing the heavy-lifting with tc itself is that on one hand it might be convenient to keep packet filtering and classifi-
       cation in one place, possibly having to match a packet just once, and on the other users familiar with iptables but not tc will have a less
       hard time adding QoS to their setups.

OPTIONS

       classid CLASSID
	      Push matching packets to the class identified by CLASSID.

       action ACTION_SPEC
	      Apply an action from the generic actions framework on matching packets.

EXAMPLES

       Take e.g. the following tc filter statement:

	      tc filter add ... handle 6 fw classid 1:1

       will match if the packet's fwmark value is 6.  This is a sample iptables statement marking packets coming in on eth0:

	      iptables -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 6

SEE ALSO

       tc(8), iptables(8), iptables-extensions(8)

iproute2							    21 Oct 2015 				 Firewall mark classifier in tc(8)