#1  
Old 6th May 2005, 14:15
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default IPCop

I've just tested IPCop (http://www.ipcop.org/), and I must say it's pretty cool!

From their web site:
Quote:
IPCop Linux is a complete Linux Distribution whose sole purpose is to protect the networks it is installed on. By implementing existing technology, outstanding new technology and secure programming practices IPCop is the Linux Distribution for those wanting to keep their computers/networks safe.
Quote:
# Provide a stable Linux Firewall Distribution.
# Provide a secure Linux Firewall Distribution.
# Provide an opensourced Linux Firewall Distribution.
# Provide a highly configurable Linux Firewall Distribution.
# Provide an easily maintained Linux Firewall Distribution.
# Provide an easily configured Linux Firewall Distribution.
# Provide reliable Support to the IPCop Linux user base.
# Provide an enjoyable environment for the Public to discuss and request assistance.
# Provide stable, secure, and easy to implement upgrades/patches for IPCop Linux.
# Develop an appreciation for both the Linux and Opensource movements in our user base.
# Develop a long lasting relationship with our userbase.
# Strive to adapt IPCop to meet the needs of the Internet of Tomorrow.
# Further develop the Linux Knowledge base of all Project Members and Users.
Here's a partial list of features:
Quote:
*IPTable network filters
*IDE, SCSI and CF (Disk on a Chip) drive support.
*Quad Network support:
oGREEN — Internal Trusted Network
oBLUE — Wireless Semi-Trusted Network (can be used a second Green)
oORANGE — DMZ for Internet accessed servers
oRED — The Internet connected via:
+Dial modem
+ISDN
+NIC Connected:
#DSL Modem
#Cable Modem

+USB Connected (w/ right driver):
#DSL Modem
#Cable Modem

*Multiple “Real” IP supported on RED when using a Static IP base.
*DHCP client support on RED to receive IP from ISP, also support for a dynamic DNS to be updated as this IP changes.
*DHCP server for GREEN and BLUE to simplify network setup and maintenance.
*NTP server and client for setting IPCop clock and supplying a common clock for internal GREEN and BLUE networks.
*Intrusion Detection for ALL networks (RED, ORANGE, BLUE and GREEN)
*Vitural Private Network (VPN) to allow multiple sites to act as single large network.
*Proxy Support for both Web Surfing and DNS support allow for “faster” connection response on and simplified network setup.
*Administration after initial load is via a secure Web Interface including:
oPerformance Graphics for CPU, Memory and Disk as well as Network throughput
oLog viewing with autorotation.
oMultiple language support.

*Use of older equipment. 386 or better. Version 1.4 has been tested on 486sx25 with 12M of RAM and 273M of hard drive. This was the oldest and smallest we could find we could find at the time of test. It was loaded via the Net Install option and supported a full Cable Modem download speed of 3Mb/s.
Administration is done over an easy-to-understand web interface. And the best is: you can use old hardware for it (e.g. PentiumI with 32MB RAM and 800MB HDD)!
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Sponsored Links
  #2  
Old 17th August 2005, 01:06
domino domino is offline
Senior Member
 
Join Date: Aug 2005
Posts: 364
Thanks: 0
Thanked 10 Times in 9 Posts
Default

Yes, nice read. I was just reading over at the main page while looking for a DNS client for linux. It also support dynmic IP update at ZoneEdit and others. I think, once I have The webserver box stable, this is my next project.

PS. LOL, I didn't realize this thread was old. But would like to get users input though.
Reply With Quote
  #3  
Old 9th April 2006, 22:10
RocketScientist RocketScientist is offline
Junior Member
 
Join Date: Apr 2006
Location: Denver, CO
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I downloaded the ISO for that a while ago. I'm a little chicken to install it as of yet. Do I need to turn off NAT on my stupid little ActionTec DSL router?

I'll be throwing it on a dual P133 IBM PC Server 320. I wonder if it will allow me to turn off the kids' access to the Internet at certain hours.
__________________
If it ain't broke, you're not trying. - Red Green
Reply With Quote
  #4  
Old 10th April 2006, 10:48
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Quote:
Originally Posted by RocketScientist
I downloaded the ISO for that a while ago. I'm a little chicken to install it as of yet. Do I need to turn off NAT on my stupid little ActionTec DSL router?
In fact, IPCop is a replacement for your router. So it's either IPCop or your router.

Quote:
Originally Posted by RocketScientist
I'll be throwing it on a dual P133 IBM PC Server 320. I wonder if it will allow me to turn off the kids' access to the Internet at certain hours.
Yes.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 11th April 2006, 13:32
linuxuser1 linuxuser1 is offline
Member
 
Join Date: Oct 2005
Posts: 66
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi falko,

In fact, IPCop is a replacement for your router. So it's either IPCop or your router.

Does it mean it's not a reliable or secure firewall? or which other free firewall would you reommend

Thanks.
Reply With Quote
  #6  
Old 11th April 2006, 15:00
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

It's a very reliable and very secure firewall! Why do you think it isn't?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 11th April 2006, 17:19
linuxuser1 linuxuser1 is offline
Member
 
Join Date: Oct 2005
Posts: 66
Thanks: 0
Thanked 0 Times in 0 Posts
Default

hi Falko,

I was not trying to suggest that it's not secure. I was rather asking if it's secure. I have tried to install it sometime to compliment my other firewall but latter abandoned the idea.

Thanks.
Reply With Quote
  #8  
Old 11th April 2006, 19:29
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Yes, it's secure and reliable.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 12th April 2006, 07:30
sbovisjb1 sbovisjb1 is offline
Senior Member
 
Join Date: Feb 2006
Posts: 176
Thanks: 0
Thanked 1 Time in 1 Post
Default

Its a good distro for firewalling. But if you really want to stay EVEN more secure, use distros (this may get me in trouble for EVEN mentioning this ) such as backtrack linux and the hackthissite gentoo live cd <-- hard to find. I know that i will get some dirty looks by saying this, but i have used the HTS live cd to search for security vulnerabilities in the past. It has about 50 programs that promote port scanning and the such, and they are all in the popular network languadges. It also comes with 200+ tutorials, so that you will never be stuck. To you the programs properly, you must scan/search/look for, a certain hole or "glitch" or vulnerability. The best way to go are with scanners that pick up real time info on what data is being transferred via the servers. Me and my friends have realized that if you use this on you're own system, you can fix up alot of problems very quick. Oh and Hackthissite was hacked and all its users passwords were stolen, so it proves that you can never be too safe . And the HTS live cd can be found on pirate bay.org.
Reply With Quote
  #10  
Old 28th April 2006, 10:42
donanak donanak is offline
Junior Member
 
Join Date: Apr 2006
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
 
Thumbs up ipcop

Hey people, I'm very much interested in on this topic and want to contribute a little.
Talking about ipcop, I think in my opinion it's the only firewall I was able to setup and play with. My quest for knowledge on firewalls came when I decided to host my own server (web/ftp/email/hosting) at home. For sometime, I couldn't find any ready made distro/firewall like ipcop so i tend to go with smoothwall express (http://www.smoothwall.org ).It was brilliant but they wouldn't support my Alcatel USB modem. I tried all the patches and everything, yet the same. I got their latest version of express codenamed Grizzly, which for some reason worked after one patch but it was a beta version and they've been quiet slow with update and more stable version.

Then I found IPCOP, it met all my needs and was easy to intall. Falko as you can see, I dropped you and email but you asked if i could put it up here. I don't know which forum is the best to post my stuff. Can you help?

IPCOP all the way but I'll give HTS a shot, if i find a copy.

Thanks guys for your good work.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 13:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.