Linux Security: The Complete Iptables Firewall Guide
What you'll learn
- Acquire an In-Depth Understanding of Netfilter/Iptables Linux Firewall (Chains, Tables, Matches, Targets).
- Acquire the Skills to build Advanced Iptables Firewalls. Hands-on experience with Iptables.
- Learn to work efficiently with IPSET to drop large collections of IPs and Networks (like entire Countries)
- Understand Iptables Best Practices for creating custom Firewalls.
- Acquire the Skills to configure a Linux OS as a NAT Router.
- Acquire the Skills to configure Port Forwarding on Linux Routers.
- See practical examples for EACH Iptables Command, Match or Target.
- Use Shell Scripts to automate tasks like blocking or permitting a service, an IP/Network or a MAC address.
- Apply the Skills to secure Servers, Networks, Routers or Linux Desktop Operating Systems.
- Hundreds of hands-on exercises with solutions and quizzes.
Requirements
- Local root access to a Linux distribution like Ubuntu or CentOS. No paid software required.
- Linux Basics like commands, file permissions, text editors etc.
- Basic knowledge of TCP/IP stack (how clients and servers typically communicate, TCP, UDP, ICMP, IP's, ports, etc).
- Very basic knowledge of other Networking concepts like NAT or Routing.
Description
***Fully updated for 2020*** This Iptables course covers every major topic related to Netfilter and Iptables including Ipset, Advanced Matches and Targets, NAT, Fort Forwarding, User-Defined Chains and many more!
Welcome to the most complete and up-to-date course for learning and using Netfilter & Iptables Linux Firewall, taught by a DevOps Engineer and Professional Trainer.
Just starting out with Linux Security and Iptables? Perfect. This course starts out assuming you're new to Netfilter, Iptables and Linux Firewalls.
Or maybe you've already tried to learn Iptables by yourself and now you want to put all the pieces together? Then, I'm here to help you! This course has everything you need to know about Netfilter and Iptables.
You'll have life time access and you can return and look for a specific Iptables match, target or option anytime you want.
All presentations and Iptables examples used in this course are available for download.
The course contains many quizzes for you to take and test your knowledge.
There are many courses on Linux Security or Iptables. Why should you learn from me?
I'm a Practitioner and an Enthusiast. Welcome to the real world! I have almost 20 years experience as a Linux Sysadmin, Security Engineer and Full Stack Developer. I use Linux on a daily basis.
I'm an Educator and I know how to make a syllabus. For the last 10 years I've trained thousands of people on Linux, Networking, Security or Programming.
The topics covered in this course are:
Iptables chains and tables
Chains and tables traversal
Anatomy of an iptables rule
Filter large collections of IPs and Networks using Ipset
Filter traffic by country
Iptables matches (implicit & explicit).
Filter Traffic by IP, Network, Port, Protocol, Interface, MAC, TCP Flags, Date and Time, Quota etc.
Iptables targets: DROP, REJECT, ACCEPT, LOG, REDIRECT, TEE, SNAT, DNAT, MASQUERADE etc.
NAT
Port Forwarding
Automation using shell scripts
How to use Iptables Best-Practices
Every topic includes many live examples.
After taking this course, you'll be able to:
Have an In-Depth understanding about Netfilter/Iptables architecture.
Understand Iptables chains and tables.
Understand how a Firewall works.
Create Iptables rules that filter incoming, outgoing or routed traffic based on any possible criteria including country the packet is coming from or destined to.
LOG malicious traffic.
Prevent DoS Attacks.
Use Ipset to drop tens of thousands of Networks with no performance degradation.
Optimize Iptables firewalls.
Automate different firewall security tasks using shell scripts.
Configure NAT and MASQUERADE.
Configure Port Forwarding (DNAT).
User efficiently Nmap and Netstat.
Who this course is for:
- Linux Sysadmins.
- Network Administrators.
- DevOps Engineers.
- Security Professionals.
Featured review
![Jaspreet Singh](data:image/svg+xml,%3Csvg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 64"%3E%3C/svg%3E){kind=avatar}
Course content
Course Introduction5 lectures • 7min
- WelcomePreview03:42
- IMPORTANT. Please read!01:24
- How to Get Better and Faster Support? JOIN OUR ONLINE COMMUNITY!00:27
- Setting Up the Environment00:56
- Getting Course Resources00:21
Netfilter/Iptables Basics4 lectures • 20min
The Iptables Command13 lectures • 1hr 7min
Challenges - The Iptables Command1 lecture • 1min
Iptables Basic Matches12 lectures • 49min
Challenges - Basic Matches1 lecture • 1min
Iptables Advanced Matches14 lectures • 1hr
Challenges - Advanced Matches1 lecture • 2min
Advanced Firewall Configuration with Ipset11 lectures • 49min
Iptables Targets12 lectures • 49min
Instructors
- 4.6 Instructor Rating
- 3,021 Reviews
- 19,863 Students
- 7 Courses
I've been a Network and Software Engineer for over 15 years, the typical profile of a DevOps Engineer.
I've cofounded Crystal Mind Academy, a Cisco Academy and professional training center in Romania, that focuses on teaching cutting-edge technologies to students.
I have contributed to education in areas of programming, information security and operating systems. During the last 15 years more than 30,000 thousand students have participated in-person or online training programs at Crystal Mind Academy.
I have developed documentation, labs and case studies for many training programs such as Cisco CCNA, CCNA Security, CCNP, Linux Administration, Information Security, Python Programming, Network Automation with Python or Blockchain Programming (Ethereum/Solidity) which have been successfully attended by thousands over the years.
When I'm not working, I crossfit, read a good book, enjoy a good time or travel with my wife and children.
- 4.6 Instructor Rating
- 3,021 Reviews
- 19,863 Students
- 7 Courses
The Academy’s goal is to teach hundreds of thousands of people cutting-edge technologies in the fields of Programming and Networking.
Our philosophy is that courses should be taught by real professionals with substantial experience in the industry, who are also great teachers.
Courses are provided by Andrei Dumitrescu, a software engineer with over 15 years experience in the industry and in teaching offline and online course.