Here we will review one of the best existing software firewalls: Netfilter.
Netfilter is the packet filtering system of the Linux kernels of the 2.4 and 2.6 branches. For much more information, see www.netfilter.org.
Why write one more article about iptables?
Simply because I did not find one that explained it the way I would have liked. Another reason is that one ends up learning much more. For a faster guide with many examples, I recommend the bulma article.
/* To perform filtering tests, we can use hping; I recommend these tutorials, I and II. */
This system is built around tables, which are managed with the iptables application.
This application configures all the filtering rules, but it is not itself the firewall. This is important to highlight: there is no process running to handle the packets; iptables only manages the rules, and the kernel applies them. Thus we do not run the risk of a filtering program that hangs or contains a bug and ends up being a backdoor instead of a protection.
It is true that nothing is perfect, but so far, I have not heard of any vulnerability that has put the security of servers protected with Netfilter on tenterhooks.
It is worth emphasizing that Netfilter is on the list of the 100 most important security tools according to Insecure.org.