PfSense 2 Cookbook

PfSense 2 Cookbook

Author: Matt Williamson

Publisher: Packt Publishing Ltd

Published: 2011-03-23

Total Pages: 292

ISBN-13: 1849514879

DOWNLOAD EBOOK

Master Wicket by example by implementing real-life solutions to every day tasks.


pfSense 2.x Cookbook

pfSense 2.x Cookbook

Author: David Zientara

Publisher: Packt Publishing Ltd

Published: 2018-12-17

Total Pages: 289

ISBN-13: 1789808081

DOWNLOAD EBOOK

A practical, example-driven guide to configuring even the most advanced features of pfSense 2.x Key FeaturesBuild a high-availability fault-tolerant security system with pfSense 2.xLeverage the latest version of pfSense to secure your cloud environmentA recipe-based guide that will help you enhance your on-premise and cloud security principlesBook Description pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for flexible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings. pfSense 2.x Cookbook – Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom floating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages. What you will learnConfigure the essential pfSense services (namely, DHCP, DNS, and DDNS)Create aliases, firewall rules, NAT port-forward rules, and rule schedulesCreate multiple WAN interfaces in load-balanced or failover configurationsConfigure firewall redundancy with a CARP firewall failoverConfigure backup/restoration and automatic configuration-file backupConfigure some services and perform diagnostics with command-line utilitiesWho this book is for This book is intended for all levels of network administrators. If you are an advanced user of pfSense, then you can flip to a particular recipe and quickly accomplish the task at hand; if you are new to pfSense, on the other hand, you can work through the book chapter by chapter and learn all of the features of the system from the ground up.


Mastering OpenVPN

Mastering OpenVPN

Author: Eric F Crist

Publisher: Packt Publishing Ltd

Published: 2015-08-28

Total Pages: 364

ISBN-13: 1783553146

DOWNLOAD EBOOK

Master building and integrating secure private networks using OpenVPN About This Book Discover how to configure and set up a secure OpenVPN Enhance user experience by using multiple authentication methods Delve into better reporting, monitoring, logging, and control with OpenVPN Who This Book Is For If you are familiar with TCP/IP networking and general system administration, then this book is ideal for you. Some knowledge and understanding of core elements and applications related to Virtual Private Networking is assumed. What You Will Learn Identify different VPN protocols (IPSec, PPTP, OpenVPN) Build your own PKI and manage certificates Deploy your VPN on various devices like PCs, mobile phones, tablets, and more Differentiate between the routed and bridged network Enhance your VPN with monitoring and logging Authenticate against third-party databases like LDAP or the Unix password file Troubleshoot an OpenVPN setup that is not performing correctly In Detail Security on the internet is increasingly vital to both businesses and individuals. Encrypting network traffic using Virtual Private Networks is one method to enhance security. The internet, corporate, and “free internet” networks grow more hostile every day. OpenVPN, the most widely used open source VPN package, allows you to create a secure network across these systems, keeping your private data secure. The main advantage of using OpenVPN is its portability, which allows it to be embedded into several systems. This book is an advanced guide that will help you build secure Virtual Private Networks using OpenVPN. You will begin your journey with an exploration of OpenVPN, while discussing its modes of operation, its clients, its secret keys, and their format types. You will explore PKI: its setting up and working, PAM authentication, and MTU troubleshooting. Next, client-server mode is discussed, the most commonly used deployment model, and you will learn about the two modes of operation using "tun" and "tap" devices. The book then progresses to more advanced concepts, such as deployment scenarios in tun devices which will include integration with back-end authentication, and securing your OpenVPN server using iptables, scripting, plugins, and using OpenVPN on mobile devices and networks. Finally, you will discover the strengths and weaknesses of the current OpenVPN implementation, understand the future directions of OpenVPN, and delve into the troubleshooting techniques for OpenVPN. By the end of the book, you will be able to build secure private networks across the internet and hostile networks with confidence. Style and approach An easy-to-follow yet comprehensive guide to building secure Virtual Private Networks using OpenVPN. A progressively complex VPN design is developed with the help of examples. More advanced topics are covered in each chapter, with subjects grouped according to their complexity, as well as their utility.


Network Vulnerability Assessment

Network Vulnerability Assessment

Author: Sagar Rahalkar

Publisher: Packt Publishing Ltd

Published: 2018-08-31

Total Pages: 243

ISBN-13: 1788624726

DOWNLOAD EBOOK

Build a network security threat model with this comprehensive learning guide Key Features Develop a network security threat model for your organization Gain hands-on experience in working with network scanning and analyzing tools Learn to secure your network infrastructure Book Description The tech world has been taken over by digitization to a very large extent, and so it’s become extremely important for an organization to actively design security mechanisms for their network infrastructures. Analyzing vulnerabilities can be one of the best ways to secure your network infrastructure. Network Vulnerability Assessment starts with network security assessment concepts, workflows, and architectures. Then, you will use open source tools to perform both active and passive network scanning. As you make your way through the chapters, you will use these scanning results to analyze and design a threat model for network security. In the concluding chapters, you will dig deeper into concepts such as IP network analysis, Microsoft Services, and mail services. You will also get to grips with various security best practices, which will help you build your network security mechanism. By the end of this book, you will be in a position to build a security framework fit for an organization. What you will learn Develop a cost-effective end-to-end vulnerability management program Implement a vulnerability management program from a governance perspective Learn about various standards and frameworks for vulnerability assessments and penetration testing Understand penetration testing with practical learning on various supporting tools and techniques Gain insight into vulnerability scoring and reporting Explore the importance of patching and security hardening Develop metrics to measure the success of the vulnerability management program Who this book is for Network Vulnerability Assessment is for security analysts, threat analysts, and any security professionals responsible for developing a network threat model for an organization. This book is also for any individual who is or wants to be part of a vulnerability management team and implement an end-to-end robust vulnerability management program.


Infrastructure as Code (IAC) Cookbook

Infrastructure as Code (IAC) Cookbook

Author: Stephane Jourdan

Publisher: Packt Publishing Ltd

Published: 2017-02-17

Total Pages: 440

ISBN-13: 1786461293

DOWNLOAD EBOOK

Over 90 practical, actionable recipes to automate, test, and manage your infrastructure quickly and effectively About This Book Bring down your delivery timeline from days to hours by treating your server configurations and VMs as code, just like you would with software code. Take your existing knowledge and skill set with your existing tools (Puppet, Chef, or Docker) to the next level and solve IT infrastructure challenges. Use practical recipes to use code to provision and deploy servers and applications and have greater control of your infrastructure. Who This Book Is For This book is for DevOps engineers and developers working in cross-functional teams or operations and would now switch to IAC to manage complex infrastructures. What You Will Learn Provision local and remote development environments with Vagrant Automate production infrastructures with Terraform, Ansible and Cloud-init on AWS, OpenStack, Google Cloud, Digital Ocean, and more Manage and test automated systems using Chef and Puppet Build, ship, and debug optimized Docker containers Explore the best practices to automate and test everything from cloud infrastructures to operating system configuration In Detail Infrastructure as Code (IAC) is a key aspect of the DevOps movement, and this book will show you how to transform the way you work with your infrastructure—by treating it as software. This book is dedicated to helping you discover the essentials of infrastructure automation and its related practices; the over 90 organized practical solutions will demonstrate how to work with some of the very best tools and cloud solutions. You will learn how to deploy repeatable infrastructures and services on AWS, OpenStack, Google Cloud, and Digital Ocean. You will see both Ansible and Terraform in action, manipulate the best bits from cloud-init to easily bootstrap instances, and simulate consistent environments locally or remotely using Vagrant. You will discover how to automate and test a range of system tasks using Chef or Puppet. You will also build, test, and debug various Docker containers having developers' interests in mind. This book will help you to use the right tools, techniques, and approaches to deliver working solutions for today's modern infrastructure challenges. Style and approach This is a recipe-based book that allows you to venture into some of the most cutting-edge practices and techniques about IAC and solve immediate problems when trying to implement them.


Linux for Networking Professionals

Linux for Networking Professionals

Author: Rob VandenBrink

Publisher: Packt Publishing Ltd

Published: 2021-11-11

Total Pages: 528

ISBN-13: 1800204655

DOWNLOAD EBOOK

Get to grips with the most common as well as complex Linux networking configurations, tools, and services to enhance your professional skills Key FeaturesLearn how to solve critical networking problems using real-world examplesConfigure common networking services step by step in an enterprise environmentDiscover how to build infrastructure with an eye toward defense against common attacksBook Description As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must. This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering various major distributions, how to pick the right distro, and basic Linux network configurations. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work with the example builds in this Linux book, you'll learn to configure various services to defend against common attacks. As you advance to the final chapters, you'll be well on your way towards building the underpinnings for an all-Linux datacenter. By the end of this book, you'll be able to not only configure common Linux network services confidently, but also use tried-and-tested methodologies for future Linux installations. What you will learnUse Linux as a troubleshooting and diagnostics platformExplore Linux-based network servicesConfigure a Linux firewall and set it up for network servicesDeploy and configure Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) services securelyConfigure Linux for load balancing, authentication, and authorization servicesUse Linux as a logging platform for network monitoringDeploy and configure Intrusion Prevention Services (IPS)Set up Honeypot solutions to detect and foil attacksWho this book is for This book is for IT and Windows professionals and admins looking for guidance in managing Linux-based networks. Basic knowledge of networking is necessary to get started with this book.


Backtrack 5 Wireless Penetration Testing

Backtrack 5 Wireless Penetration Testing

Author: Vivek Ramachandran

Publisher: Packt Publishing Ltd

Published: 2011-09-09

Total Pages: 336

ISBN-13: 184951559X

DOWNLOAD EBOOK

Wireless has become ubiquitous in today’s world. The mobility and flexibility provided by it makes our lives more comfortable and productive. But this comes at a cost – Wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes. Backtrack 5 Wireless Penetration Testing Beginner’s Guide will take you through the journey of becoming a Wireless hacker. You will learn various wireless testing methodologies taught using live examples, which you will implement throughout this book. The engaging practical sessions very gradually grow in complexity giving you enough time to ramp up before you get to advanced wireless attacks. This book will take you through the basic concepts in Wireless and creating a lab environment for your experiments to the business of different lab sessions in wireless security basics, slowly turn on the heat and move to more complicated scenarios, and finally end your journey by conducting bleeding edge wireless attacks in your lab. There are many interesting and new things that you will learn in this book – War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Point MAC spoofing, Rogue Devices, Evil Twins, Denial of Service attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Attack, Man-in-the-Middle attacks, Evading Wireless Intrusion Prevention systems and a bunch of other cutting edge wireless attacks. If you were ever curious about what wireless security and hacking was all about, then this book will get you started by providing you with the knowledge and practical know-how to become a wireless hacker. Hands-on practical guide with a step-by-step approach to help you get started immediately with Wireless Penetration Testing


Proxmox High Availability

Proxmox High Availability

Author: Simon M.C. Cheng

Publisher: Packt Publishing Ltd

Published: 2014-10-31

Total Pages: 386

ISBN-13: 1783980893

DOWNLOAD EBOOK

If you want to know the secrets of virtualization and how to implement high availability on your services, this is the book for you. For those of you who are already using Proxmox, this book offers you the chance to build a high availability cluster with a distributed filesystem to further protect your system from failure.