"You can never be too rich, too thin, or too paranoid"

Linux Firewalls
by Frank Ball and Devin Carraway
2/13/01

Security: who needs it anyway?
    "I don't have anything important on my machine."
    Denial of service attacks
    Liability, risks

What's a port? (no details, get through this fast)
    TCP, UDP
    Privileged ports (1-1023)
    Non-privileged, high-numbered ports (1024-65535)
    ICMP types, codes
    SYN, FIN, ACK packets; stealth scans (just a quick mention)
    Netmasks and formats for IP address ranges. This would be easy to get bogged down with. Just a few examples: /32 (a single host), /24 (256 addresses), 0.0.0.0/0 (everything)

Firewalls
    Hardware
    Software
    Chains: INPUT, MASQ, OUTPUT (ipchains, kernel 2.2)
    Targets: ACCEPT, REJECT, DENY (DENY drops silently; REJECT sends an error back to the sender)
    ipmasqadm (port forwarding)
    Kernel 2.4.x and connection states (iptables) (Devin)

Sample firewall
    Block diagram of concepts, philosophy of paranoia, default to DENY
    My 2.2 firewall, some stuff stripped out, profuse comments added
    Devin's 2.4 firewall

Starting the firewall
    /etc/rc.d/init.d/firewall
    /etc/rc.d/rc3.d/S08firewall

Shutting down unnecessary services
    Don't run what you don't need
    /etc/inetd.conf
    /etc/xinetd.d
    /etc/rc.d/rc3.d/
    /etc/rc.d/rc5.d/

Passwords
    Don't send your password in the clear (ftp and telnet)
    Don't pick stupid passwords

Programs to automatically generate firewalls

Demo

Testing
    nmap
    nessus.org
    Using route to set a route to test offline
    Web pages (hackerwacker, etc.)

Monitoring
    Log files
    tcplog, udplog, icmplog, snplog
    grep
    logcheck, logwatch, swatch
    What to do when you find something in your logs
    mynetwatchman

Detecting intrusion
    rpm
    tripwire

References
    www.nblug.org/firewall/
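The netmask examples in the "What's a port?" section (/32, /24, 0.0.0.0/0), worked through in shell arithmetic. This is an added example for the outline, not code from the talk; the addresses in it are made up for illustration. It does the same mask-and-compare that the kernel does when matching a -s or -d rule, which is why /0 matches everything and /32 matches one host.

```shell
#!/bin/sh
# Added example (not the talk's own code): CIDR prefix -> netmask, and
# "is this address inside that range?" Addresses below are constructed.

# Dotted-quad -> 32-bit integer. Done in a subshell so changing IFS for
# the split does not leak into the caller.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
)

# Prefix length -> 32-bit mask as an integer. /0 is special-cased because
# shifting a 32-bit value by 32 is not something to rely on.
prefix2int() {
    if [ "$1" -eq 0 ]; then
        echo 0
    else
        echo $(( (0xFFFFFFFF << (32 - $1)) & 0xFFFFFFFF ))
    fi
}

# Prefix length -> dotted-quad netmask, e.g. 24 -> 255.255.255.0
prefix2mask() {
    m=$(prefix2int "$1")
    echo "$(( (m >> 24) & 255 )).$(( (m >> 16) & 255 )).$(( (m >> 8) & 255 )).$(( m & 255 ))"
}

# in_cidr ADDR NET/PREFIX -> prints yes or no. The comparison is
# (addr & mask) == (net & mask): the network bits must agree, the host
# bits are ignored.
in_cidr() {
    addr=$(ip2int "$1")
    net=$(ip2int "${2%/*}")
    m=$(prefix2int "${2#*/}")
    if [ $(( addr & m )) -eq $(( net & m )) ]; then
        echo yes
    else
        echo no
    fi
}

# Demo when run directly.
echo "/24  -> $(prefix2mask 24)"
echo "/32  -> $(prefix2mask 32)"
echo "/0   -> $(prefix2mask 0)"
echo "192.168.1.77 in 192.168.1.0/24? $(in_cidr 192.168.1.77 192.168.1.0/24)"
echo "192.168.2.1  in 192.168.1.0/24? $(in_cidr 192.168.2.1 192.168.1.0/24)"
```

The same check tells you why a rule written against 192.168.1.0/24 quietly covers the whole LAN, and why a typo like /2 instead of /24 opens most of the Internet.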
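The "Sample firewall" section's philosophy (default to DENY, then punch only the holes you need) and the 2.4 connection-state material, as one added example. This is not Frank's 2.2 script or Devin's 2.4 script; it is a minimal iptables rule set written for this page. It assumes an external interface eth0 and that the only inbound service is ssh from one trusted /24 (192.168.1.0/24); both are assumptions, adjust them. Without APPLY=1 it only prints the commands, so the policy can be read and counted before it goes live; DROP here is the iptables equivalent of ipchains DENY.

```shell
#!/bin/sh
# Added example (not the talk's own firewall script): a default-DROP
# iptables policy for a kernel 2.4 host using connection tracking.
# Assumptions: external interface eth0, inbound ssh allowed only from
# one trusted /24. Run as root with APPLY=1 to load the rules; by
# default the script just prints them.

EXT_IF="${EXT_IF:-eth0}"
TRUSTED_NET="${TRUSTED_NET:-192.168.1.0/24}"

# Emit the rule set in order, one iptables invocation per line.
# Order matters: flush, set the default policies to DROP so nothing is
# open while rules load, accept loopback, reject obvious spoofs, allow
# the one service, let established traffic through, log the rest.
firewall_rules() {
cat <<EOF
iptables -F
iptables -X
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -i $EXT_IF -s 127.0.0.0/8 -j DROP
iptables -A INPUT -i $EXT_IF -s $TRUSTED_NET -p tcp --dport 22 --syn -m state --state NEW -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT
iptables -A INPUT -p tcp --syn -j LOG --log-prefix "FW-SYN: "
iptables -A INPUT -j LOG --log-prefix "FW-DROP: "
iptables -A INPUT -j DROP
EOF
}

# Checks a reviewer would run on the generated policy before applying it.
rule_count()         { firewall_rules | wc -l | tr -d ' '; }
default_is_drop()    { firewall_rules | grep -q '^iptables -P INPUT DROP$' && echo yes || echo no; }
state_rule_present() { firewall_rules | grep -q 'ESTABLISHED,RELATED -j ACCEPT' && echo yes || echo no; }
last_rule()          { firewall_rules | tail -n 1; }

if [ "${APPLY:-0}" = "1" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "must be root to apply the rules" >&2; exit 1; }
    firewall_rules | sh -e
else
    firewall_rules
fi
```

Note that the final explicit DROP is redundant with the INPUT policy but keeps the LOG rule in front of it readable, and that the ESTABLISHED,RELATED rule is what lets outbound connections get their replies back without opening any high-numbered port.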
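For the "Monitoring" section (grep over the log files, and what logcheck or swatch would be configured to flag), an added example that is not part of the talk: a grep/awk pass over kernel 2.4 iptables LOG lines that counts drops per source and picks out sources hitting many distinct ports, which is what a port scan looks like from the firewall's side. The log lines are constructed for the example; the host name, the "FW-DROP:" prefix and the addresses are assumptions.

```shell
#!/bin/sh
# Added example (not the talk's own code): summarise iptables LOG output
# the way a logcheck/swatch rule would. SAMPLE_LOG is constructed; in
# practice pipe /var/log/messages (or wherever klogd writes) instead.

SAMPLE_LOG='Feb 13 22:01:05 gw kernel: FW-DROP: IN=eth0 OUT= SRC=10.9.8.7 DST=192.0.2.10 LEN=48 TTL=113 PROTO=TCP SPT=4312 DPT=21 SYN
Feb 13 22:01:05 gw kernel: FW-DROP: IN=eth0 OUT= SRC=10.9.8.7 DST=192.0.2.10 LEN=48 TTL=113 PROTO=TCP SPT=4313 DPT=23 SYN
Feb 13 22:01:06 gw kernel: FW-DROP: IN=eth0 OUT= SRC=10.9.8.7 DST=192.0.2.10 LEN=48 TTL=113 PROTO=TCP SPT=4314 DPT=111 SYN
Feb 13 22:01:06 gw kernel: FW-DROP: IN=eth0 OUT= SRC=10.9.8.7 DST=192.0.2.10 LEN=48 TTL=113 PROTO=TCP SPT=4315 DPT=139 SYN
Feb 13 22:03:41 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.5 DST=192.0.2.10 LEN=44 TTL=52 PROTO=TCP SPT=1030 DPT=80 SYN
Feb 13 22:03:42 gw kernel: FW-DROP: IN=eth0 OUT= SRC=198.51.100.5 DST=192.0.2.10 LEN=44 TTL=52 PROTO=TCP SPT=1031 DPT=80 SYN
Feb 13 22:05:00 gw kernel: FW-DROP: IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=28 TTL=64 PROTO=UDP SPT=53 DPT=1024
Feb 13 22:05:10 gw sshd[812]: Accepted publickey for frank from 192.168.1.20'

# Only the firewall's own log lines; everything else in the file is noise here.
fw_lines() {
    printf '%s\n' "$SAMPLE_LOG" | grep 'FW-DROP:'
}

# "count source" per SRC=, most active first.
drops_by_source() {
    fw_lines | awk '
        { for (i = 1; i <= NF; i++) if ($i ~ /^SRC=/) c[substr($i, 5)]++ }
        END { for (s in c) print c[s], s }' | sort -rn
}

# Sources that hit at least $1 distinct destination ports. Repeated hits on
# one port (a retrying client) do not count; many different ports do.
port_scanners() {
    fw_lines | awk -v t="$1" '
        {
            src = ""; dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^SRC=/) src = substr($i, 5)
                if ($i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "" && dpt != "") seen[src SUBSEP dpt] = 1
        }
        END {
            for (k in seen) { split(k, a, SUBSEP); n[a[1]]++ }
            for (s in n) if (n[s] >= t) print s
        }' | sort
}

echo "Drops by source:"
drops_by_source
echo "Sources touching 3+ distinct ports:"
port_scanners 3
```

The threshold is the knob to tune: one or two stray ports from a single source is background noise on any Internet-facing box, while a dozen distinct low ports inside a few seconds from one address is worth a look and, as the outline suggests, worth reporting (mynetwatchman, or the source's abuse contact).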