Knock, Knock Let Me In

Do you know who is trying to get in to your network. Someone is always knocking at your door. The doors of the network is called ports. Anyone working on my network should have a fairly good understanding and knowledge of why a port is open, and if they do not have a good reason for it to be open then close it. Port knocking provides a stealthy method of authentication and information transfer to a networked machine that has no open ports. Some basic functionality needs to be provided with any port knocking implementation:

1. A way to monitor the firewall log file needs to be devised. 
2. A method to extract the sequences of ports from the log file and translate their payload into usable information. 
3. Once the information is obtained from the sequence, the implementation must provide some way to manipulate the firewall rules.

Port knocking sounds like a great solution when it comes to monitoring closed ports on a firewall, but it does come with a few disadvantages. You have to use client script in order to perform the knocks. This script should be kept a secret and on a removable media such as a USB drive. A number of ports need to be allocated for exclusive use by the system. Any system that manipulates firewall rules in an automated fashion requires careful implementation.

Linux in a Nutshell 5th Edition Review

Linux in a Nutshell, 5th Edition By: Ellen Siever, Aaron Weber, Stephen Figgins, Robert Love, Arnold Robbins, et al. is a fantastic reference book for both newbies to Linux or system administrators that have 20+ years of experience. The book is published by O'Reilly Media, which is the leader in great and easy to read technical book. The book is a massive 944 pages. Two-thirds of which is commands to use with linux and a detail and examples of most if not all the options with that command. If you are reading a forum post and want to find the truth about what that command is doing to the system then use this book to find that out so you want be left with possible deleting your system. The list of commands are in alphabetical order so they are easy to thumb to the correct command. It is great to learn about the commands. I think adding the commands in this kind of list and format is the best thing about the book. I will use that section for years to come. 

Also if you want to know about how to set up different services or servers running Linux you can with this book also. You can learn about DNS/BIND, SSH, file sharing, networking and a lot more within the other chapters of the book. 

My only caution with this book is that it is for the person wanting to become proficient in the use of the command line. It is not for the typical user unless you love the command line. If you are a casual user then I would recommend an Ubuntu book by O'Reilly. There are no graphics in the book, so you will know the command line by the time you study and read this book. Also you cannot understand the command line unless you use it day in and day out.

I give this book 4 out of 5 Penguins just because I wished they would have given more examples and covered more administration topics and expanded on them. But it is still a wonderful book and reference tool. It will stay next to me and my computer.