Summary

Throughout this chapter, we discussed security threats found at each of the OSI layers and saw how we can protect running services with a practical example.

  • Layer 1 attacks (mostly cable cuts) cannot be addressed with Linux.
  • Layer 2 attacks can be very disruptive, as they can affect upper-layer information.
  • Layer 3 attacks include packet sniffing, IP spoofing, and ICMP attacks.
  • Layer 4 attacks, derived from TCP and UDP vulnerabilities, include TCP SYN flooding, Land attacks, TCP connection hijacking, UDP floods, and port scan attacks.
  • Layer 5, 6, and 7 attacks consist of attacks against different applications. We saw some advice on how to safely run DNS, CVS, Apache web server, Mail, OpenSSL, and SNMP services.
  • We gave an example of how to protect ...

Get Designing and Implementing Linux Firewalls and QoS using netfilter, iproute2, NAT, and L7-filter now with the O’Reilly learning platform.
