Rating: 
Summary: Excellent book - well worth the read!
Review: As a System Administrator who is trying to add new skills to his resume, and a home cablemodem user who wants to protect his private network from hackers on the Internet, I have found Mr. Ziegler's book, "Linux Firewalls", to be excellent, as I have also found his website to be. I read his book, cover to cover, within 24 hours of it's purchase (no small feat). Most informative!It takes an honored place on my bookshelf, next to my other firewall bibles (Chapman & Zwicky's "Building Internet Firewalls" and Cheswick & Bellovin's "Firewalls and Internet Security : Repelling the Wily Hacker").
Rating:
Summary: Obsession with details
Review: Good points: * Lots of details about how to set up packet filtering in Linux. * Good reference material about various ports & services. Bad points: * The command lines in his "rc.firewall" scripts are long and thus wrap when printed in the book, making the scripts VERY difficult to read. A smaller, fixed-pitch font for the scripts, and good use of column alignment would have helped tremendously. * Scant discussion of the "hosts.allow" and "hosts.deny" files, or of TCP/IP wrappers and inetd. Both are an essential part of Linux firewalls. * The overall organization of the book is good, but some of the detail in the chapters is not well organized. Since he protects against invalid packets going OUT as well as coming IN, there's a lot of detail that many people will not want. That detail tends to obscure the WHY of what he's doing. * In the appendix, he lists in exhaustive detail all his firewall rules, and then lists them AGAIN in a "better" order. Yes, the second order is better for BOTH efficiency and understanding, so why provide the first list? Actually, there are SIX complete lists in the appendix: three for ipchains, and another three lists for ipfwadm), but that's another story ... All in all, a good book in spite of the above. There are a few typos, but once you understand what he's doing, the typos are obvious.
Rating:
Summary: Obsession with details
Review: Good points: * Lots of details about how to set up packet filtering in Linux. * Good reference material about various ports & services. Bad points: * The command lines in his "rc.firewall" scripts are long and thus wrap when printed in the book, making the scripts VERY difficult to read. A smaller, fixed-pitch font for the scripts, and good use of column alignment would have helped tremendously. * Scant discussion of the "hosts.allow" and "hosts.deny" files, or of TCP/IP wrappers and inetd. Both are an essential part of Linux firewalls. * The overall organization of the book is good, but some of the detail in the chapters is not well organized. Since he protects against invalid packets going OUT as well as coming IN, there's a lot of detail that many people will not want. That detail tends to obscure the WHY of what he's doing. * In the appendix, he lists in exhaustive detail all his firewall rules, and then lists them AGAIN in a "better" order. Yes, the second order is better for BOTH efficiency and understanding, so why provide the first list? Actually, there are SIX complete lists in the appendix: three for ipchains, and another three lists for ipfwadm), but that's another story ... All in all, a good book in spite of the above. There are a few typos, but once you understand what he's doing, the typos are obvious.
Rating: 
Summary: Great book on IPCHAINS
Review: I bought this book a couple months ago after trying in vain to find good examples of a default DENY policy firewall for Linux that also uses Masquerading. Lots of documentation is on the internet dealing with IPCHAINS and firewalling, but very few go into depth like this book. Some reviewers stated that there weren't enough explanations of the examples but I feel that, that is a good thing. I don't think someone who has never used or tried to implement a firewall should look here for good reasoning behind the rulesets given, this book is for someone who understands TCP/IP and can use the help with the syntax. When I recieved the book I was a little worried that it would not cover what I needed it to since it is geared toward small firewalls that would suit a home user best, but when I read the book I also found a great example of a screened-subnet firewall which was helpful in the planning of our new setup at work. All in all I'm happy with the title. I will point out however that even though this book is fairly new it will shortly be outdated. The firewall code for Linux is changing yet again to NETFILTER that will require a whole new syntax; that is expected this October.
Rating:
Summary: Security Primer
Review: I found the book to be written to a advanced beginner - intermediate level. It had a good discussion of the basics, and yet did not shy away from the complexities of the system. It has been a constant and rewarding companion as we make the switch it Linux in my lab. An Excellent book.
Rating: 
Summary: Amazing Crystal Ball Gazing review
Review: I have not read the second edition of Linux Firewalls, but to complete the form I had to select the number of stars I would assign to this book. Neither have any of the people who have their reviews published on this website. How do I know? Check the review dates, they all predate the release date of the second edition of Linux firewalls, some by a year or more. I presume these reviews are for the first edition. How about stating these reviews apply to the first edition? Or maybe just don't include them. Possibly we are to infer the first edition and the second edition are identical in content and one is just a reprint of the other, if that is the case I might as well save some money and just buy the physically older but content wise current first edition! Unbelievable! But I suppose this will never make the web page because it is dangerously close to the embarrassing truth.
Rating:
Summary: Very well researched, clear discussion
Review: I have used ipfilter on FreeBSD for many years, and I'm now starting to deploy Linux. Ziegler presents an extremely well researched book. Particularly impressive is his discussion of the nastier protocols like DHCP and FTP. Getting ssh and smtp through a firewall is pretty simple, it's the tougher protocols that really require some thought, and it's clear he's done that. Along with explaining the protocols, he explains how iptables works and how to apply the protocol knowledge to building iptables rules. The appendices where he assembles all of the rules together are worth the price of the book all by themselves. I wish half of my technical books were as good a value as this one.
Rating:
Summary: Very well researched, clear discussion
Review: I have used ipfilter on FreeBSD for many years, and I'm now starting to deploy Linux. Ziegler presents an extremely well researched book. Particularly impressive is his discussion of the nastier protocols like DHCP and FTP. Getting ssh and smtp through a firewall is pretty simple, it's the tougher protocols that really require some thought, and it's clear he's done that. Along with explaining the protocols, he explains how iptables works and how to apply the protocol knowledge to building iptables rules. The appendices where he assembles all of the rules together are worth the price of the book all by themselves. I wish half of my technical books were as good a value as this one.
Rating:
Summary: Quite useful to me
Review: I looked at both this book and the "Linux and OpenBSD Firewall" books before deciding on this one. This book does a much more exhaustive job of explaining how to build a linux firewall. Going beyond just telling you "here's what you want your firewall script to look like" which is what I felt the other book did, this title explains why you shouldn't have certain daemons running on the firewall, what ports to block and the possible consequences and attack types that can come from not blocking a specific port. Amusingly enough, it even tells you the port to leave open if you plan on running a Quake server. As pointed out below, the wrap around on some of the examples is annoying. The book also is dedicated to handling the threat from the outside, it does not deal with the internel threat that any company needs to guard against, though it is pointed out in the very beginning that this book isn't designed to deal with internal threats, so I don't see this as a negative. I found the book easy to read. There are some technical books you dread picking up since they are so stale, this fortunately I found not to be like that. The entire book is dedicated to firewalls. Some firewall books I have seen a good chunk of the book is choosing hardware and how to install the OS. The author of this book intelligently reasoned that his readers already have Linux installed and want a book on firewalls, not a how to install the OS.
Rating:
Summary: VERY USEFUL, Must have book!
Review: I love this book! It covers everything someone needs to know about iptables and how to properly configure it for any setup. It's a great refrence to have for any machine running linux.
| 
