Summary
Throughout this chapter, we discussed security threats found at each of the OSI layers and saw how we can protect running services with a practical example.
- Layer 1 attacks (mostly cable cuts) cannot be addressed with Linux.
- Layer 2 attacks can be very disruptive as they can affect upper-layer information.
- Layer 3 attacks include packet sniffing, IP spoofing, and ICMP attacks.
- Layer 4 attacks, derived from TCP and UDP vulnerabilities, include TCP SYN flooding, Land attacks, TCP connection hijacking, UDP floods, and port scan attacks.
- Layer 5, 6, and 7 attacks consist of attacks against different applications. We saw some advice on how to safely run DNS, CVS, Apache web server, mail, OpenSSL, and SNMP services.
- We gave an example on how to protect ...