Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Book Image

Configuring IPCop Firewalls: Closing Borders with Open Source

Overview of this book

IPCop is a powerful, open source, Linux based firewall distribution for primarily Small Office Or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way. This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS, VPN and using it for bandwidth management. While providing necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.
Table of Contents (16 chapters)
Configuring IPCop Firewalls
Credits
About the Authors
About the Reviewers
Preface
7
Virtual Private Networks
11
IPCop Support

Checking the Status of Our IPCop Firewall


Part of our management procedures should include monitoring of the IPCop firewall in order to ensure that CPU load, memory usage, network throughput, etc., maintain healthy levels. It is an extremely important role of the system administrator to establish a baseline for his or her systems in order to be able to identify abnormalities—many intrusions and hardware failures are first noticed by a drop (or rise) in network activity or CPU load.

The basic status screen allows us to view a number of basic system statistics before we inspect more detailed graphs of the statistics for the lifetime of the firewall. Services running on the IPCop box obviously have a serious impact on the ability of the box to do its job, and as a quick indicator the Services: display is useful in the event that the firewall ceases to function properly in order to ensure that the firewall thinks that the right services are running.

Many of the services, such as Secure shell...