Using Iptables on Linux and Setting the filtering rules
iptables is a user-space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables to Ethernet frames.

iptables requires elevated privileges to operate and must be executed by user root; otherwise it fails to function. On most Linux systems, iptables is installed as /usr/sbin/iptables and documented in its man pages, which can be opened using man iptables when installed. It may also be found in /sbin/iptables, but since iptables is more like a service than an "essential binary", the preferred location remains /usr/sbin.

The term iptables is also commonly used to refer inclusively to the kernel-level components. x_tables is the name of the kernel module carrying the shared code portion used by all four modules, which also provides the API used for extensions; subsequently, Xtables is more or less used to refer to the entire firewall (v4, v6, arp, and eb) architecture.
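
The split between iptables (IPv4) and ip6tables (IPv6) described above means a host filtered only with iptables still accepts IPv6 traffic unfiltered. The script below is an added example, not part of the original post: it prints the same default-deny baseline for either family in iptables-restore format. The function names and the single allowed port (22) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: print a default-deny "filter" table in iptables-restore
# format for one address family. Printing changes nothing in the kernel.

# Constructed sample policy (assumption): inbound SSH is the only service.
ALLOWED_TCP_PORTS="22"

# emit_ruleset ipv4|ipv6 : write the ruleset for that family to stdout.
emit_ruleset() {
    case "$1" in
        ipv4) icmp_proto="icmp" ;;
        # IPv6 neighbour discovery runs over ICMPv6, so it must stay reachable.
        ipv6) icmp_proto="ipv6-icmp" ;;
        *) echo "usage: emit_ruleset ipv4|ipv6" >&2; return 2 ;;
    esac
    printf '%s\n' "*filter" \
        ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT ACCEPT [0:0]" \
        "-A INPUT -i lo -j ACCEPT" \
        "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "-A INPUT -p $icmp_proto -j ACCEPT"
    for port in $ALLOWED_TCP_PORTS; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' "COMMIT"
}

# load_ruleset ipv4|ipv6 : feed the ruleset to the family's own restore tool.
# IPv4 rules never filter IPv6 traffic, so both families must be loaded.
load_ruleset() {
    case "$1" in
        ipv4) tool="iptables-restore" ;;
        ipv6) tool="ip6tables-restore" ;;
        *) echo "usage: load_ruleset ipv4|ipv6" >&2; return 2 ;;
    esac
    if [ "$(id -u)" -ne 0 ]; then
        echo "$tool must run as root; nothing was loaded" >&2
        return 1
    fi
    # --test parses the ruleset without committing it; remove it to apply.
    emit_ruleset "$1" | "$tool" --test
}
```

Calling emit_ruleset ipv4 and emit_ruleset ipv6 shows the two rulesets differ only in the ICMP protocol name; load_ruleset must be run as root once per family.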

There are many different types of cryptographic algorithms, though most of them fit into one of two classifications: symmetric and asymmetric. Some systems, however, use a hybrid of both classifications. Symmetric algorithms, also known as symmetric-key or shared-key algorithms, work by the use of a key known only to the two authorized parties. While these can be implemented in the form of block ciphers or stream ciphers, the same key is used for both encrypting and decrypting the message. The Data Encryption Standard (DES) and Advanced Encryption Standard (AES) are the most popular examples of symmetric cryptography algorithms.

Asymmetric cryptography algorithms rely on a pair of keys, a public key and a private key. The public key can be revealed, but, to protect the data, the private key must be concealed. Additionally, encryption and decryption of the data must be done by the associated private and public keys. For example, data encrypted by the private key must be decrypted by the public key, and vice versa. RSA is one of the most common examples of this algorithm.

Symmetric algorithms are usually much faster than asymmetric algorithms. This is largely related to the fact that only one key is required.