Transport Layer Responses
Under certain conditions, the transport layer can issue responses to traffic. Firewalls or other filtering devices can implement filtering operations based on transport layer headers (see the iptables.sh script presented in Chapter 1), manufacture TCP RST or RST/ACK packets to tear down TCP connections, or throttle rates of incoming packets (such as the number of TCP SYN packets in a given period of time).
Note
We will see more active response measures in Chapter 10 and Chapter 11, where we'll show how iptables is used to respond at both the network and transport layers upon detecting application layer attacks.
However, the application layer is where most of the interesting action is these days in terms of breaking into ...
Get Linux Firewalls now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
