Der Paketfilter bei OpenWrt
Der Paketfilter bei OpenWrt
Über das Buch
OpenWrt bietet sich als alternatives Betriebssystem an für SOHO-Router, die nicht mehr oder zu selten aktualisiert werden. Aufgrund seiner Modularität eignet es sich auch für andere Projekte mit der unterstützten Hardware. Somit sind die Hürden, einen Router mit OpenWrt zu betreiben, sehr gering.
Dabei sollte nicht außer Acht gelassen werden, dass mit einem schlecht gewarteten Router sehr leicht beinahe jeder Zugriff auf die angeschlossenen Netzwerke und die darin enthaltenen Geräte erlangen kann.
Hier kann man mit dem in OpenWrt enthaltenen Paketfilter regulierend eingreifen.Wenn man die nötigen Kenntnisse besitzt.
Das ist das zentrale Thema des Buches: es will die nötigen Kenntnisse zum verantwortungsvollen Betrieb einer Paketfilter-Firewall, speziell mit Linux und insbesondere bei OpenWrt vermitteln. Dementsprechend sind die Schwerpunkte des Buches:
- grundlegende Kenntnisse über IP-Netzwerke für den Betrieb einer Paketfilter-Firewall,
- die Wirkungsweise des Netfilter-Systems bei Linux und
- die Konfiguration von Netfilter bei OpenWrt.
Ergänzt wird das Buch durch einige Kapitel, die sich speziellen praktischen Fragen rund um den Betrieb einer Paketfilter-Firewall mit OpenWrt widmen.
License
Über den Autor
Inhaltsverzeichnis
-
- Vorwort
-
Allgemeine Fragen
- Was ist OpenWrt?
- Was kann ich damit machen?
- Möglichkeiten und Grenzen
- Alternativen zum OpenWrt-Paketfilter
-
Grundlagen Netzwerkprotokolle
- Aufgaben eines Paketfilters
- Um welche Protokolle geht es?
- IPv4 für den Firewall-Administrator
- IPv6 für den Firewall-Administrator
- Gleichzeitiger Betrieb von IPv4 und IPv6
- ICMP und IGMP
- ICMPv6 für den Firewall-Administrator
- Network Address Translation
-
Grundlagen OpenWrt Paketfilter
- Netfilter: Kernel-Komponenten
- Netfilter: Benutzerprogramme
- Besonderheiten des Linux-Kernels
- Ein Modell der Firewall-Regeln bei OpenWrt
- Die Webschnittstelle LuCI
- Die zentrale Konfigurationsschnittstelle UCI
-
Praktische Fragen
- Wie ermittle ich meine persönlichen Anforderungen?
- Auswahl von Hardware und Software
- Härten des Systems
- Testen der Firewall
- Monitoring
- Kann ich Paketfilter umgehen?
- Wo platziere ich ein Tunnel-Gateway?
- Wie dokumentiere ich das System?
- Zusätzliche Software
- System aktualisieren
-
Anhang
- Analyse von Iptables-Firewalls
- Risikoanalyse
- Sicherheitsrichtlinien
- Glossar
- Literatur
- Kolophon
- Index
Unterstützte Institutionen
Electronic Frontier Foundation
Defending your civil liberties in a digital world.
https://www.eff.org/Based in San Francisco, EFF is a donor-supported membership organization working to protect fundamental rights regardless of technology.
Die bedingungslose Leanpub, Kein Risiko, 100% zufrieden Garantie
Innerhalb von 60 Tagen ab Kauf kannst du dein Geld zu 100% zurückverlangen, bei jedem Leanpub-Kauf, in nur zwei Klicks. Wir bearbeiten die Erstattungen manuell, daher dauert es ein paar Tage, bis der Betrag ankommt.
Lese die kompletten Bedingungen.
Do Well. Do Good.
Authors have earned$11,583,453writing, publishing and selling on Leanpub, earning 80% royalties while saving up to 25 million pounds of CO2 and up to 46,000 trees.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers), EPUB (for phones and tablets) and MOBI (for Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Top Books
- #1
SignalR on .NET 6 - the Complete Guide
Fiodar SazanavetsLearn everything there is to learn about SignalR and how to integrate it with the latest .NET 6 and C# 10 features. Learn how to connect any type of client to SignalR, including plain WebSocket client. Learn how to build interactive applications that can communicate with each other in real time without making excessive calls.
- #2
The easiest way to learn design patterns
Fiodar SazanavetsLearn design patterns in the easiest way possible. You will no longer have to brute-force your way through each one of them while trying to figure out how it works. The book provides a unique methodology that will make your understanding of design patterns stick. It can also be used as a reference book where you can find design patterns in seconds.
- #3
Functional event-driven architecture: Powered by Scala 3
Gabriel VolpeExplore the event-driven architecture (EDA) in a purely functional way, mainly powered by Fs2 streams in Scala 3!
Leverage your functional programming skills by designing and writing stateless microservices that scale, powered by stateful message brokers.
- #4
Tech Giants in Healthcare
Dr. Bertalan MeskoThis comprehensive guide, Tech Giants in Healthcare, clarifies how and why big tech companies step into healthcare, and breaks it down from one market player to the other in what direction they are going, what tools they are using and what horizons they have in front of them.
- #5
OpenIntro Statistics
David Diez, Christopher Barr, Mine Cetinkaya-Rundel, and OpenIntroA complete foundation for Statistics, also serving as a foundation for Data Science.
Leanpub revenue supports OpenIntro (US-based nonprofit) so we can provide free desk copies to teachers interested in using OpenIntro Statistics in the classroom and expand the project to support free textbooks in other subjects.
More resources: openintro.org.
- #6
Ansible for DevOps
Jeff GeerlingAnsible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
- #7
Recipes for Decoupling
Matthias Noback - #8
CCIE Service Provider Version 4 Written and Lab Exam Comprehensive Guide
Nicholas RussoThe service provider landscape has changed rapidly over the past several years. Networking vendors are continuing to propose new standards, techniques, and procedures for overcoming new challenges while concurrently reducing costs and delivering new services. Cisco has recently updated the CCIE Service Provider track to reflect these changes; this book represents the author's personal journey in achieving that certification.
- #9
Jetpack Compose internals
Jorge CastilloJetpack Compose is the future of Android UI. Master how it works internally and become a more efficient developer with it. You'll also find it valuable if you are not an Android dev. This book provides all the details to understand how the Compose compiler & runtime work, and how to create a client library using them.
- #10
C++20 - The Complete Guide
Nicolai M. JosuttisAll the new language and library features of C++20 (for those who know previous versions).
The book presents all new language and library features of C++20. Learn how this impacts day-to-day programming, to benefit in practice, to combine new features, and to avoid all new traps.
Buy early, pay less, free updates.
Other books:
Top Bundles
- #1
All the Books of The Medical Futurist
6 Books
We put together the most popular books from The Medical Futurist to provide a clear picture about the major trends shaping the future of medicine and healthcare. Digital health technologies, artificial intelligence, the future of 20 medical specialties, big pharma, data privacy, digital health investments and how technology giants such as Amazon... - #2
Practical FP in Scala + Functional event-driven architecture
2 Books
Practical FP in Scala (A hands-on approach) & Functional event-driven architecture, aka FEDA, (Powered by Scala 3), together as a bundle! The content of PFP in Scala is a requirement to understand FEDA so why not take advantage of this bundle!? - #3
CCIE Service Provider Ultimate Study Bundle
2 Books
Piotr Jablonski, Lukasz Bromirski, and Nick Russo have joined forces to deliver the only CCIE Service Provider training resource you'll ever need. This bundle contains a detailed and challenging collection of workbook labs, plus an extensively detailed technical reference guide. All of us have earned the CCIE Service Provider certification... - #5
Software Architecture for Developers: Volumes 1 & 2 - Technical leadership and communication
2 Books
"Software Architecture for Developers" is a practical and pragmatic guide to modern, lightweight software architecture, specifically aimed at developers. You'll learn:The essence of software architecture.Why the software architecture role should include coding, coaching and collaboration.The things that you really need to think about before... - #6
Pattern-Oriented Memory Forensics and Malware Detection
2 Books
This training bundle for security engineers and researchers, malware and memory forensics analysts includes two accelerated training courses for Windows memory dump analysis using WinDbg. It is also useful for technical support and escalation engineers who analyze memory dumps from complex software environments and need to check for possible... - #8
Modern C++ Collection
3 Books
Get All about Modern C++C++ Standard Library, including C++20Concurrency with Modern C++, including C++20C++20Each book has about 200 complete code examples. Updates are included. When I update one of the books, you immediately get the updated bundle. You can expect significant updates to each new C++ standard (C++23, C++26, .. ) and also... - #9
Linux Administration Complet
4 Books
Ce lot comprend les quatre volumes du Guide Linux Administration :Linux Administration, Volume 1, Administration fondamentale : Guide pratique de préparation aux examens de certification LPIC 1, Linux Essentials, RHCSA et LFCS. Administration fondamentale. Introduction à Linux. Le Shell. Traitement du texte. Arborescence de fichiers. Sécurité...
