oreilly.comSafari Books Online.Conferences.


Packet Filtering, Spam Proofing, Searching, and Timed Network Services

by chromatic
Linux Newsletter for 06/30/2003

Good afternoon. Welcome to the Linux newsletter, your guide to fresh and detailed content on Here's what's new in the world of open source and open source development:

The premier open source firewalling and filtering tool may just be OpenBSD's pf. "Securing Small Networks" columnist Jacek Artymiak continues his four-article exploration of pf in OpenBSD 3.3 in Changes in pf: Packet Filtering. This week, he describes how to filter and shape packets after NAT and redirection has taken place.

Dru Nelson recently had the unpleasant experience of cleaning up after a spam attack. Rather than curse the darkness, he took the opportunity to protect his network. How? In Defending Your Site Against Spam, Dru describes various techniques to combat spam at the network level. See what he chose and why. (Next time, he'll discuss how he implemented it.)

This week sees new author Joe Stump's first article, MySQL FULLTEXT Searching. The recent release of MySQL 4.0 brought several impressive improvements to searching long text fields. Sick of crafting regexes to fit into a LIKE clause? Joe'll tell you how to make your life a little easier.

This week's book excerpt comes again from the Linux Security Cookbook. Secure Cooking with Linux, Part 2 explains making network services available only during certain times of day, and using sudo to fine-tune file access permissions.

To subscribe to the Linux newsletter (or any O'Reilly Network newsletters), visit and select the newsletters you wish to receive in your user profile (you'll need to log in with your existing O'Reilly Network account -- if you don't yet have an account, you'll need to create one).

To change your newsletter subscription options, please visit and click the"Manage My Newsletters" link. For assistance, send email to

This week's featured OSCON speaker is ONJava author Satya Komatineni, speaking on Looking Beyond JDBC.

Satya's a firm believer in hierarchical data sets. Instead of working around the relational-database atom of a row, a hierarchical data set (or infoset) uses a hierarchical atom composed of transformed rows. The idea's a little subtle, but the results are compelling. It's amazingly easy to convert from one output format to another.

Weblog-wise, it's wiki week. Your editor dropped the news of Ingy's (Semi-)Official OSCON Wiki, which is seeing great uptake. Tim caught wind of it elsewhere and tips his hat to Ingy in Unofficial OSCon Wiki. Steve Mallett got in on the idea and launched OSPedia: The Open Source Wiki to complement his efforts on

Other interesting news involves a potential RSS successor, open source Java, the new library of Alexandria, and XBox Linux without a mod chip. Read more in our Weblogs.

Since OSCON is next week, there's no telling what we'll discuss in the next couple of weeks. Surprise is good for the soul, right?

See you in Portland,

Technical Editor
O'Reilly Network and Linux DevCenter Top Five Articles Last Week

  1. Video Playback and Encoding with MPlayer and MEncode
    No consumer Linux box is complete without the ability to play digital video files. Until recently, this was difficult -- the codecs weren't freely available or distributable. MPlayer seeks to change this. KIVILCIM Hindistan introduces MPlayer and demonstrates some of its features.

  2. Proxy Terminology 101
    You're probably reading this page through a proxy right now. You might be saving bandwidth, sharing an external IP address, or being protected from work-unsafe material, but could you tell a reverse proxy from an arp proxy? Dru Lavigne explains what these and other terms mean in preparation for installing and running proxies.

  3. MySQL FULLTEXT Searching
    Storing text in your database is handy, but searching can be a pain. MySQL's FULLTEXT search can save your sanity. Joe Stump demonstrates how it works and gives several ideas on how to use it in your own applications.

  4. Secure Cooking with Linux, Part 1
    The authors of Linux Security Cookbook have selected a number of recipes from their book to present on ONLamp. These recipes are organized into basic, intermediate, and advanced categories. This week's set consists of three recipes of a basic flavor. You'll find recipes on authenticating by public key, encrypting backups, and combining log files. Over the next two weeks we'll present the intermediate and then advanced recipes. There'll be something for everyone here. Enjoy.

  5. Changes in pf: Packet Filtering
    OpenBSD's packet filter has really grown up. Since its introduction in OpenBSD 3.0, it's become an advanced tool for networking and security. In the third of four articles, Jacek Artymiak explores new options for packet filtering with pf in OpenBSD 3.2, after NAT and redirection have taken place.

Return to the list of Linux Newsletters.

Return to the Linux DevCenter.

Linux Online Certification

Linux/Unix System Administration Certificate Series
Linux/Unix System Administration Certificate Series — This course series targets both beginning and intermediate Linux/Unix users who want to acquire advanced system administration skills, and to back those skills up with a Certificate from the University of Illinois Office of Continuing Education.

Enroll today!

Linux Resources
  • Linux Online
  • The Linux FAQ
  • Linux Kernel Archives
  • Kernel Traffic

  • Sponsored by: