 | | |
| The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall | 
| Author: Peter Hansteen
Publisher: No Starch Press
Category: Book
List Price: $29.95
Buy New: $16.56
You Save: $13.39 (45%)
Buy New/Used from $16.56
Avg. Customer Rating:  (8 reviews)
Sales Rank: 266776
Format: Illustrated
Media: Paperback
Number Of Items: 1
Pages: 184
Shipping Weight (lbs): 0.8
Dimensions (in): 9.1 x 7 x 0.7
ISBN: 1593271654
Dewey Decimal Number: 005.8
EAN: 9781593271657
ASIN: 1593271654
Publication Date: January 11, 2008
Availability: Usually ships in 1-2 business days
|
| Editorial Reviews:
Product Description
OpenBSD's stateful packet filter, PF, offers an amazing feature set and support across the major BSD platforms. Like most firewall software though, unlocking PF's full potential takes a good teacher. Peter N.M. Hansteen's PF website and conference tutorials have helped thousands of users build the networks they need using PF. The Book of PF is the product of Hansteen's knowledge and experience, teaching good practices as well as bare facts and software options. Throughout the book, Hansteen emphasizes the importance of staying in control by having a written network specification, using macros to make rule sets more readable, and performing rigid testing when loading in new rules. Today's system administrators face increasing challenges in the quest for network quality, and The Book of PF can help by demystifying the tools of modern *BSD network defense. But, perhaps more importantly, because we know you like to tinker, The Book of PF tackles a broad range of topics that will stimulate your mind and pad your resume, including how to: - Create rule sets for all kinds of network traffic, whether it is crossing a simple home LAN, hiding behind NAT, traversing DMZs, or spanning bridges
- Use PF to create a wireless access point, and lock it down tight with authpf and special access restrictions
- Maximize availability by using redirection rules for load balancing and CARP for failover
- Use tables for proactive defense against would-be attackers and spammers
- Set up queues and traffic shaping with ALTQ, so your network stays responsive
- Master your logs with monitoring and visualization, because you can never be too paranoid
The Book of PF is written for BSD enthusiasts and network admins at any level of expertise. With more and more services placing high demands on bandwidth and increasing hostility coming from the Internet at-large, you can never be too skilled with PF.
|
| Customer Reviews: Read 3 more reviews...
 Well written, but light in much of its coverage January 3, 2009
Hansteen has put together a mostly well written, OS-independent guide to PF. He states he "made a conscious decision early on to introduce you to its methods via interesting and useful configurations, rather than make this book the complete reference", and I feel this book mostly accomplishes that goal. He points to the man pages as the complete reference, though I disagree on that to some extent, as they lack detailed coverage and practical usage examples in some areas.
There is no introductory coverage of any of the BSDs, which is fine for the scope of the book and those topics are already well covered elsewhere, but don't expect to pick this up and get anywhere with it if you have no prior BSD experience. You'll first need to seek resources on your BSD of choice and have a decent understanding of the OS. Basic networking knowledge is also a prerequisite.
There are some areas that are covered very minimally, to the extent that without seeking additional material, you will likely have difficulty with your implementation unless it is very basic. I agree with most of the complaints noted in Betjlich's review. Given the stated scope of the book, I'm not quite as critical. I do think the stated scope is too limited though.
This book is adequate if you want to get up and running with a basic configuration. Anything more complex will leave you seeking additional resources.
I think this is a worthwhile read if you want to setup a PF firewall, and understand the limits of a book that comes in at 134 pages excluding the appendices. The second edition could be much better though.
 A very accessible book on OpenBSD's PF firewall October 7, 2008
If you're looking for information about the OpenBSD packet filter program "pf", you may have noticed a gaping hole on bookstore shelves. Two books that I have read on pf are "Building Firewalls with OpenBSD and PF, 2nd Edition" by Jacek Artymiak and the No Starch Press title, "The Book of PF", by Peter N.M. Hansteen.
"The Book of PF" is by far the easier of the two books to digest and will help you get up to speed very quickly. It's a short book, weighing in at 145 pages. The example rule sets are simple to follow and very thoroughly documented.
Hansteen helps you navigate through pf's basic configuration and then takes you through more advanced topics like wireless networks and how to deal with 'bigger or trickier networks'. There is also a treatment of OpenBSD's spamd program, designed to help you combat spam on your network.
You'll find a chapter on Alternate Queuing (ALTQ) and Common Address Redundancy Protocol (CARP). ALTQ provides a way to shape the traffic on your network and was integrated into pf for the OpenBSD 3.3 release. CARP was added to OpenBSD in release 3.5 to address the issue of high availability and uninterrupted service.
A chapter covering Logging, Monitoring, and Statistics helps bring it all together for the network administrator. Hansteen closes out the text with a chapter titled "Getting Your Setup Just Right" that provides a last-minute review of some of the most important configuration options.
If you're interested in "The Book of PF", most likely you're already familiar with OpenBSD - one of the most secure operating systems available today. If you're ready to enhance OpenBSD's default security, pick up a copy of this book and spend some time with the pf program.
The Defacto Book on OpenBSD firewalls August 18, 2008
1 out of 2 found this review helpful
This book is great for all types of OpenBSD users. If you just want a to build a home router with better performance and more control, then this book is all you'll need. If you're looking to build an enterprise load balancer, this book is an excellent resource that you'd be hard pressed to live with out.
 Great Beginner Tutorial March 4, 2008
1 out of 1 found this review helpful
Mr. Hansteen, Did a rather good job of putting this book together. The chapters flowed well and one led into the next in a very logical manner. I especially found useful the sections on Round-robin and setting up wireless (Chapter 4 and 7).
Although I make a business of building firewalls I will be keeping this book close at hand. Sadly I only gave 3 stars as I felt the editing could have been better I found several errors with the sample scripts and rules and found it lacking with one or two advanced areas for the professionals would have made this a 5 star easy.
Intersting Intro to PF February 3, 2008
1 out of 2 found this review helpful
My background has and is mainly in Linux. I ordered this book because I had an interest in PF, and I was unable to test most of the examples of this book, due to the lack of an available machine that I could readily install openbsd on.
After reading this book, I would readily give up iptables for PF. I can't count the number of times I've come into a new job where I had to spend several hours deciphering the iptables rules loaded on a particular firewall to ensure I understand what all the rules are intended to do. I do love iptables and the power it provides but I don't believe anyone can claim it's user friendly or even remotely user friendly.
PF is OpenBSD Packet Filter. It differs from essentially every firewall product on the market in that a normal human being with a very rudimentary understanding of networking can come in, and look at the configuration files and be able to understand what is going on.
This particular book is by no means that comprehensive, nor is it a HOWTO, as the author states in the introduction. It does give a very brief introduction into some of the capabilities of PF, which includes: Setting up a firewall, Natting, Wireless networks, Queuing, Logging and Analyzing data traffic as well as a brief few pages on preventing brute force attacks and spam bot attacks.
For a curious audience that would like to learn more about the PF, it is an ideal book. If you expect to learn about the minute details and intricacies of PF, this isn't the book you want to get.
I enjoyed reading this book, and once again have an itch to learn more about OpenBSD, if I can tear myself away from gentoo long enough to see if I can get used to the various differences and intricacies that always tend to drive me up the wall whenever changing distributions and or operating systems. (To avoid flame wars, I am by no means claiming that OpenBSD or any BSD derivative is a linux distro).
|
|
|
Powered by: Dknc, inc. and Amazon.com | | 
For your safety and security, orders are processed through amazon.com
|
|
|
|