Linux Security: The Complete Iptables Firewall Guide
What you'll learn
- Acquire an In-Depth Understanding of Netfilter/Iptables Linux Firewall (Chains, Tables, Matches, Targets).
- Acquire the Skills to build Advanced Iptables Firewalls. Hands-on experience with Iptables.
- Learn to work efficiently with IPSET to drop large collections of IPs and Networks (like entire Countries)
- Understand Iptables Best Practices for creating custom Firewalls.
- Acquire the Skills to configure a Linux OS as a NAT Router.
- Acquire the Skills to configure Port Forwarding on Linux Routers.
- See practical examples for EACH Iptables Command, Match or Target.
- Use Shell Scripts to automate tasks like blocking or permitting a service, an IP/Network or a MAC address.
- Apply the Skills to secure Servers, Networks, Routers or Linux Desktop Operating Systems.
- Hundreds of hands-on exercises with solutions and quizzes.
Requirements
- Local root access to a Linux distribution like Ubuntu or CentOS. No paid software required.
- Linux Basics like commands, file permissions, text editors etc.
- Basic knowledge of TCP/IP stack (how clients and servers typically communicate, TCP, UDP, ICMP, IP's, ports, etc).
- Very basic knowledge of other Networking concepts like NAT or Routing.
Description
***Fully updated for 2022*** This Iptables course covers every major topic related to Netfilter and Iptables including Ipset, Advanced Matches and Targets, NAT, Fort Forwarding, User-Defined Chains, and many more!
Welcome to the most complete and up-to-date course for learning and using Netfilter & Iptables Linux Firewall, taught by a DevOps Engineer and Professional Trainer.
Just starting out with Linux Security and Iptables? Perfect. This course starts out assuming you're new to Netfilter, Iptables, and Linux Firewalls.
Or maybe you've already tried to learn Iptables by yourself and now you want to put all the pieces together? Then, I'm here to help you! This course has everything you need to know about Netfilter and Iptables.
You'll have lifetime access and you can return and look for a specific Iptables match, target or option anytime you want.
All presentations and Iptables examples used in this course are available for download.
The course contains many quizzes for you to take and test your knowledge.
There are many courses on Linux Security or Iptables. Why should you learn from me?
I'm a Practitioner and an Enthusiast. Welcome to the real world! I have almost 20 years of experience as a Linux Sysadmin, Security Engineer, and Full Stack Developer. I use Linux on a daily basis.
I'm an Educator and I know how to make a syllabus. For the last 10 years, I've trained thousands of people on Linux, Networking, Security, or Programming.
The topics covered in this course are:
Iptables chains and tables
Chains and tables traversal
Anatomy of an iptables rule
Filter large collections of IPs and Networks using Ipset
Filter traffic by country
Iptables matches (implicit & explicit).
Filter Traffic by IP, Network, Port, Protocol, Interface, MAC, TCP Flags, Date and Time, Quota, etc.
Iptables targets: DROP, REJECT, ACCEPT, LOG, REDIRECT, TEE, SNAT, DNAT, MASQUERADE, etc.
NAT
Port Forwarding
Automation using shell scripts
How to use Iptables Best-Practices
Every topic includes many live examples.
After taking this course, you'll be able to:
Have an In-Depth understanding of Netfilter/Iptables architecture.
Understand Iptables chains and tables.
Understand how a Firewall works.
Create Iptables rules that filter incoming, outgoing, or routed traffic based on any possible criteria including the country the packet is coming from or destined to.
LOG malicious traffic.
Prevent DoS Attacks.
Use Ipset to drop tens of thousands of Networks with no performance degradation.
Optimize Iptables firewalls.
Automate different firewall security tasks using shell scripts.
Configure NAT and MASQUERADE.
Configure Port Forwarding (DNAT).
User efficiently Nmap and Netstat.
Who this course is for:
- Linux Sysadmins.
- Network Administrators.
- DevOps Engineers.
- Security Professionals.
Featured review
![Max Tarasishin](data:image/svg+xml,%3Csvg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64"%3E%3C/svg%3E){kind=avatar}
Instructors
- 4.6 Instructor Rating
- 11,152 Reviews
- 76,825 Students
- 9 Courses
I've been a Network and Software Engineer for over 15 years, the typical profile of a DevOps Engineer.
I've co-founded Crystal Mind Academy, a Cisco Academy and professional training center in Romania, that focuses on teaching cutting-edge technologies to students.
I have contributed to education in the areas of programming, information security, and operating systems. During the last 15 years, more than 50,000 thousand students have participated in in-person or online training programs at Crystal Mind Academy.
I have developed documentation, labs, and case studies for many training programs such as Cisco CCNA, CCNA Security, CCNP, Linux Administration, Information Security, Python Programming, Network Automation with Python or Blockchain Programming (Ethereum/Solidity) which have been successfully attended by thousands over the years.
When I'm not working, I crossfit, read a good book, enjoy a good time or travel with my wife and children.
- 4.6 Instructor Rating
- 11,102 Reviews
- 75,924 Students
- 8 Courses
The Academy’s goal is to teach hundreds of thousands of people cutting-edge technologies in the fields of Programming and Networking.
Our philosophy is that courses should be taught by real professionals with substantial experience in the industry, who are also great teachers.
Courses are provided by Andrei Dumitrescu, a software engineer with over 15 years experience in the industry and in teaching offline and online course.