On Mon, Sep 5, 2011 at 3:52 AM, Heddle Weaver <weaver2world@gmail.com> wrote:
> Hello,
>
> Taking first steps in the security world.
> I know that a 'firewall' is nothing but a configuration file for iptables,
> but that's about it.
Yes, a "firewall" works with just a few netfilter commands, but it is
not just that :)
And the iptables man page... is hard to memorize just its the full
content/modules/options.
What about kernel sysctl for example ? there is a whole "net"
subsystem of kernel variables (sysctl -a | grep net) the documentation
for that is included with the kernel sources and sparse on the
internet...
What about logrotate and rsyslogd config ? What about the subnets arp
changes monitoring ? etc etc...
Some links I think I haven't see in the thread:
> I need recommendations for literature or other sources of reliable knowledge
> that start off with answers to questions such as: 'What is a port?'
* http://lartc.org/howto/
* http://netfilter.org/documentation/index.html
Religion is regarded by the common people as true,
by the wise as false,
and by the rulers as useful.
— Lucius Annæus Seneca.
Terrorism, the new religion.