IPCop is a Linux-based, stateful firewall distribution that sits in between your Internet connection and your network and directs traffic using a set of rules framed by you. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way.
This book is an easy-to-read guide to using IPCop in a variety of different roles within the network. The book is written in a very friendly style that makes this complex topic easy and a joy to read. It first covers basic IPCop concepts, then moves to introduce basic IPCop configurations, before covering advanced uses of IPCop. This book is for both experienced and new IPCop users.
Chapter 1 briefly introduces some firewall and networking concepts. The chapter introduces the roles of several common networking devices and explains how firewalls fit into this.
Chapter 2 introduces the IPCop package itself, discussing how IPCop's red/orange/blue/green interfaces fit into a network topology. It then covers the configuration of IPCop in other common roles, such as those of a web proxy, DHCP, DNS, time, and VPN server.
Chapter 3 covers three sample scenarios where we learn how to deploy IPCop, and how IPCop interfaces connect to each other and to the network as a whole.
Chapter 4 covers installing IPCop. It outlines the system configuration required to run IPCop, and explains the configuration required to get IPCop up and running.
Chapter 5 explains how to employ the various tools IPCop provides us with to administer, operate, troubleshoot, and monitor our IPCop firewall.
Chapter 6 starts off with explaining the need for an IDS in our system and then goes on to explain how to use the SNORT IDS with IPCop.
Chapter 7 introduces the VPN concept and explains how to set up an IPSec VPN configuration for a system. Special focus is laid on configuring the blue zone—a secured wireless network augmenting the security of a wireless segment, even one already using WEP or WPA.
Chapter 8 demonstrates how to manage bandwidth using IPCop making use of traffic-shaping techniques and cache management. The chapter also covers the configuration of the Squid web proxy and caching system.
Chapter 9 focuses on the vast range of addons available to configure IPCop to suit our needs. We see how to install addons and then learn more about common addons like SquidGuard, Enhanced Filtering, Blue Access, LogSend, and CopFilter.
Chapter 10 covers IPCop security risks, patch management, and some security and auditing tools and tests.
Chapter 11 outlines the support IPCop users have in the form of mailing lists and IRC.
IPCop runs on a dedicated box, and it completely takes over the hard drive, so don't use a drive with anything valuable on it. It will run on old or "obsolete" hardware, such as a 386 processor, 32Mb of RAM, and 300Mb hard disk. But if you plan on using some of IPCop's features, such as the caching web proxy, or Intrusion Detection Logging, you are going to need more RAM, more disk space, and a faster processor.
At least one Network Interface Card NIC is required for the Green Interface. If you will be connecting to the Internet via a cable modem, you will need two NICs.
Once installed you don't need to have a monitor or keyboard attached to the IPCop box, as it runs as a headless server, and is administered over the network with a web browser.
In this book, you will find a number of styles of text that distinguish between different kinds of information. Here are some examples of these styles, and an explanation of their meaning.
There are three styles for code. Code words in text are shown as follows: " In Windows, the ipconfig command also allows the user to release and renew DHCP information."
A block of code will be set as follows:
james@horus: ~ $ sudo nmap 10.10.2.32 -T Insane -O Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-05-02 21:36 BST Interesting ports on 10.10.2.32: (The 1662 ports scanned but not shown below are in state: closed) PORT STATE SERVICE 22/tcp open ssh MAC Address: 00:30:AB:19:23:A9 (Delta Networks) Device type: general purpose Running: Linux 2.4.X|2.5.X|2.6.X OS details: Linux 2.4.18 - 2.6.7 Uptime 0.034 days (since Tue May 2 20:47:15 2006) Nmap finished: 1 IP address (1 host up) scanned in 8.364 seconds
Any command-line input and output is written as follows:
# mv /addons /addons.bak
# tar xzvf /addons-2.3-CLI-b2.tar.gz -C /
# cd /addons
# ./addoncfg -u
# ./addoncfg -i
New terms and important words are introduced in a bold-type font. Words that you see on the screen, in menus or dialog boxes for example, appear in our text like this: "We then go back to the addons page, click the Browse button, browse to the file we just downloaded, click Upload, and the addon is installed on the server."
Note
Tips and tricks appear like this.
Feedback from our readers is always welcome. Let us know what you think about this book, what you liked or may have disliked. Reader feedback is important for us to develop titles that you really get the most out of.
To send us general feedback, simply drop an email to <[email protected]>, making sure to mention the book title in the subject of your message.
If there is a book that you need and would like to see us publish, please send us a note in the SUGGEST A TITLE form on www.packtpub.com or email <[email protected]>.
If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide on www.packtpub.com/authors.
Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.
Visit http://www.packtpub.com/support, and select this book from the list of titles to download any example code or extra resources for this book. The files available for download will then be displayed.
The downloadable files contain instructions on how to use them.
Although we have taken every care to ensure the accuracy of our contents, mistakes do happen. If you find a mistake in one of our books—maybe a mistake in text or code—we would be grateful if you would report this to us. By doing this you can save other readers from frustration, and help to improve subsequent versions of this book. If you find any errata, report them by visiting http://www.packtpub.com/support, selecting your book, clicking on the Submit Errata link, and entering the details of your errata. Once your errata have been verified, your submission will be accepted and the errata added to the list of existing errata. The existing errata can be viewed by selecting your title from http://www.packtpub.com/support.
You can contact us at <[email protected]> if you are having a problem with some aspect of the book, and we will do our best to address it.