UNIX System Administration Handbook - Evi Nemeth [206]
27. Why aren’t such packets rejected by the previous rule? Because this rule is a part of the forward chain, whereas the “reject everything else” rule is part of the input chain.
Recommended reading
STEVENS, W. RICHARD. TCP/IP Illustrated, Volume One: The Protocols. Reading, MA: Addison-Wesley. 1994.
WRIGHT, GARY R., AND STEVENS, W. RICHARD. TCP/IP Illustrated, Volume Two: The Implementation. Reading, MA: Addison-Wesley. 1995.
These two books are an excellent and thorough guide to the TCP/IP protocol stack. A bit dated, but still solid.
STEVENS, W. RICHARD. UNIX Network Programming. Prentice Hall. 1990.
STEVENS, W. RICHARD. UNIX Network Programming, Volume 1: Networking APIs—Sockets and XTI. Upper Saddle River, NJ: Prentice Hall. 1997.
STEVENS, W. RICHARD. UNIX Network Programming, Volume 2: Interprocess Communications. Upper Saddle River, NJ: Prentice Hall. 1998.
These books are the student’s bibles in networking classes that involve programming. If you need only the Berkeley sockets interface, the original edition is a fine reference. If you need the STREAMS interface too, then the second edition, which became too large to bind in one volume, is a good bet. All three are clearly written in typical Rich Stevens style.
TANENBAUM, ANDREW. Computer Networks, 3rd Edition. Upper Saddle River, NJ: Prentice Hall. 1996.
This was the first networking text, and it is still a classic. It contains a very thorough description of all the nitty-gritty details going on at the physical and link layers of the protocol stack. Earlier editions were kind of stuck on the ISO protocols, but the latest edition has been updated to cover the modern Internet.
SALUS, PETER H. Casting the Net, From ARPANET to INTERNET and Beyond. Reading, MA: Addison-Wesley. 1995.
This is a lovely history of the ARPANET as it grew into the Internet, written by a historian who has been hanging out with UNIX people long enough to sound like one of them!
COMER, DOUGLAS. Internetworking with TCP/IP Volume 1: Principles, Protocols, and Architectures, 4th Edition. Upper Saddle River, NJ: Prentice Hall. 2000.
The Comer books were for a long time the standard reference for the TCP/IP protocols. This new edition has descriptions of modern networking technologies as well as the TCP/IP protocol suite. It is designed as an undergraduate textbook and is a good source of background material.
HEDRICK, CHARLES. “Introduction to the Internet Protocols.” Rutgers University.
This document is a gentle introduction to TCP/IP. It does not seem to have a permanent home, but it is widely distributed on the web; search for it.
HUNT, CRAIG. TCP/IP Network Administration, Second Edition. Sebastopol, CA: O’Reilly & Associates. 1998.
Like other books in the nutshell series, this book is directed at administrators of UNIX systems. Half the book is about TCP/IP, and the rest deals with higher-level UNIX facilities such as email and remote login.
SONNENREICH, WES, AND TOM YATES. Building Linux and OpenBSD Firewalls. New York, NY: J.W. Wiley. 2000.
This is an awesome little book: it’s easy to read, has good examples, shows a good sense of humor, and is just generally excellent. Our only gripe with this book is that it argues against the use of sudo for root access, claiming that it’s too hard to use and not worth the trouble. We strongly disagree.
www.netscan.org maintains a list of “smurf” attack amplifiers (systems that respond to broadcast ICMP). You can type in your network’s IP address to verify that it’s OK, provided that you subnet on byte boundaries. If your network is on this list, disable directed broadcast as described in the TCP chapter to become a nicer netizen.
An excellent collection of documents about the history of the Internet and its various technologies can be found at www.isoc.org/internet/history.
14 Routing
Chapter