Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Overview of this book

IPCop is a powerful, open source, Linux based firewall distribution for primarily Small Office Or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way. This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS, VPN and using it for bandwidth management. While providing necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.

Related Content you might be interested in

Current Title:

Small book image
Configuring IPCop Firewalls: Closing Borders with Open Source
Oct, 2006 | 244 pages
No titles found
Table of Contents (16 chapters)
Configuring IPCop Firewalls
Configuring IPCop Firewalls
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
Preface
Preface
Free Chapter
1
Introduction to Firewalls
Introduction to Firewalls
An Introduction to (TCP/IP) Networking
The Purpose of Firewalls
The OSI Model
How Networks are Structured
Traffic Filtering
Other Services Sometimes Run on Firewalls
Summary
2
Introduction to IPCop
Introduction to IPCop
Free and Open Source Software
The Purpose of IPCop
The Benefits of Building on Stable Components
The Gap IPCop Fills
Features of IPCop
Virtual Private Networking
Why IPCop?
Summary
3
Deploying IPCop and Designing a Network
Deploying IPCop and Designing a Network
Trust Relationships between the Interfaces
Altering IPCop Functionality
Topology One: NAT Firewall
Topology Two: NAT Firewall with DMZ
Topology Three: NAT Firewall with DMZ and Wireless
Planning Site-To-Site VPN Topologies
Summary
4
Installing IPCop
Installing IPCop
Hardware Requirements
Other Hardware Considerations
The Installation Procedure
Green Interface Configuration
First Boot
Summary
5
Basic IPCop Usage
Basic IPCop Usage
The System Menu
Checking the Status of Our IPCop Firewall
Network Status
Services
Firewall Functionality
Summary
6
Intrusion Detection with IPCop
Intrusion Detection with IPCop
Introduction to IDS
Introduction to Snort
Do We Need an IDS?
How Does an IDS Work?
Using Snort with IPCop
Monitoring the Logs
Log Analysis Options
What to Do Next?
Summary
7
Virtual Private Networks
Virtual Private Networks
What is a VPN?
Summary
8
Managing Bandwidth with IPCop
Managing Bandwidth with IPCop
The Bandwidth Problem
The HTTP Problem
The Solutions: Proxying and Caching
Introduction to Squid
Configuring Squid
Cache Management
Managing Bandwidth without a Cache
Summary
9
Customizing IPCop
Customizing IPCop
Addons
Firewall Addons Server
Common Addons
Summary
10
Testing, Auditing, and Hardening IPCop
Testing, Auditing, and Hardening IPCop
Security and Patch Management
Basic Firewall Hardening
Advanced Hardening
Logfiles and Monitoring Usage
Usage and Denial of Service
Where to Go Next?
Summary
11
IPCop Support
IPCop Support
Support
Summary

Introduction to Snort

Snort is the IDS included with IPCop, and is one of the best-known and commonly used sniffers available today and used by networks large and small the world over. It has continually updated signatures for a massive number of vulnerabilities, a massive user base, commercial support, and excellent documentation available online as well as in print. Snort was initially developed by Martin Roesch in the late 1990's and was destined to be a sniffer and possibly a little more, hence the name Snort.

Initially as a sniffer Snort was quite good and was linked to its slightly older relative TCPDUMP. Eventually Snort was expanded and become known as more of a NIDS than a sniffer (many of Snort's users are unaware of its sniffing capabilities and use it purely as an IDS).

As Snort became very popular, Martin Roesch decided to start a company based on Snort to offer security services based on the expertise that he had as a Snort developer. This led to the creation of Sourcefire ...

Previous Section
End of Section 3
Next Section