Configuring IPCop Firewalls

Book Description

How to set up, configure, and manage your Linux firewall, web proxy, DHCP, DNS, time server, and VPN with this powerful open source solution

  • Learn how to install, configure, and set up IPCop on your Linux servers

  • Use IPCop as a web proxy, DHCP, DNS, time server, and VPN

  • Advanced add-on management

In Detail

IPCop is a powerful, open source, Linux-based firewall distribution intended primarily for Small Office or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have and, most importantly, it sets all of this up for you in a highly automated and simplified way.

This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS or VPN and using it for bandwidth management. While providing the necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.

This book is an easy-to-read guide to using IPCop in a variety of different roles within the network. The book is written in a very friendly style that makes this complex topic easy and a joy to read. It first covers basic IPCop concepts, then moves to introduce basic IPCop configurations, before covering advanced uses of IPCop. This book is for both experienced and new IPCop users.

Table of Contents

  1. Configuring IPCop Firewalls
    1. Configuring IPCop Firewalls
    2. Credits
    3. About the Authors
    4. About the Reviewers
    5. Preface
      1. What This Book Covers
      2. What You Need for This Book
      3. Conventions
      4. Reader Feedback
      5. Customer Support
        1. Downloading the Example Code for the Book
        2. Errata
        3. Questions
    6. 1. Introduction to Firewalls
      1. An Introduction to (TCP/IP) Networking
      2. The Purpose of Firewalls
      3. The OSI Model
        1. Layer 1: The Physical Layer
        2. Layer 2: The Data Link Layer
        3. Layer 3: The Network Layer
        4. Layer 4: The Transport Layer
        5. Layer 5: The Session Layer
        6. Layer 6: The Presentation Layer
        7. Layer 7: The Application Layer
      4. How Networks are Structured
        1. Servers and Clients
        2. Switches and Hubs
        3. Routers
        4. Routers, Firewalls, and NAT
          1. Network Address Translation
          2. Combined Role Devices
      5. Traffic Filtering
        1. Personal Firewalls
        2. Stateless Packet Filtering
        3. Stateful Packet Filtering
        4. Application-Layer Firewalling
        5. Proxy Servers
      6. Other Services Sometimes Run on Firewalls
        1. DNS
        2. DHCP
      7. Summary
    7. 2. Introduction to IPCop
      1. Free and Open Source Software
        1. Forking IPCop
      2. The Purpose of IPCop
      3. The Benefits of Building on Stable Components
      4. The Gap IPCop Fills
      5. Features of IPCop
        1. Web Interface
        2. Network Interfaces
        3. The Green Network Interface
        4. The Red Network Interface
          1. USB and PCI ADSL Modems
          2. ISDN Modems
          3. Analog (POTS) Modems
          4. Cable and Satellite Internet
        5. The Orange Network Interface
        6. The Blue Network Interfaces
        7. Simple Administration and Monitoring
        8. Modem Settings
        9. Services
          1. Web Proxy
          2. DHCP
          3. Dynamic DNS
          4. Time Server
          5. Advanced Network Services
          6. Port Forwarding
      6. Virtual Private Networking
        1. ProPolice Stack Protection
      7. Why IPCop?
      8. Summary
    8. 3. Deploying IPCop and Designing a Network
      1. Trust Relationships between the Interfaces
      2. Altering IPCop Functionality
      3. Topology One: NAT Firewall
      4. Topology Two: NAT Firewall with DMZ
      5. Topology Three: NAT Firewall with DMZ and Wireless
      6. Planning Site-To-Site VPN Topologies
      7. Summary
    9. 4. Installing IPCop
      1. Hardware Requirements
      2. Other Hardware Considerations
      3. The Installation Procedure
        1. Installation Media
        2. Hard Drive Partitioning and Formatting
        3. Restore Configuration from Floppy Backup
      4. Green Interface Configuration
        1. Finished?
        2. Locale Settings
        3. Hostname
        4. DNS Domain Name
        5. ISDN Configuration
        6. Network Configuration
          1. Drivers and Card Assignment
          2. Address Settings
        7. DNS and Default Gateway
        8. DHCP Server
        9. Finished!
      5. First Boot
      6. Summary
    10. 5. Basic IPCop Usage
      1. The System Menu
        1. Software Updates
        2. Passwords
        3. SSH Access
          1. Connecting to SSH
          2. A Little More about SSH
        4. GUI Settings
        5. Backup
        6. Shutdown
      2. Checking the Status of Our IPCop Firewall
      3. Network Status
        1. System Graphs
        2. Network Graphs
        3. Connections
      4. Services
        1. DHCP Server
        2. Dynamic DNS
        3. Edit Hosts
        4. Time Server
      5. Firewall Functionality
        1. External Access
        2. Port Forwarding
        3. Firewall Options
        4. Network Troubleshooting with Ping
      6. Summary
    11. 6. Intrusion Detection with IPCop
      1. Introduction to IDS
      2. Introduction to Snort
      3. Do We Need an IDS?
      4. How Does an IDS Work?
      5. Using Snort with IPCop
      6. Monitoring the Logs
        1. Priority
      7. Log Analysis Options
        1. Perl Scripts
        2. ACID and BASE
      8. What to Do Next?
      9. Summary
    12. 7. Virtual Private Networks
      1. What is a VPN?
        1. IPSec
        2. A Little More about Deploying IPSec
        3. Prerequisites for a Successful VPN
          1. A Reliable Network
          2. Two Endpoints Attached to the Internet Running IPSec Software
          3. Static Red IP Addresses for Both Endpoints or Dynamic DNS Hostnames
          4. Non-Overlapping Internal Address Spaces
          5. Time and Patience
        4. Verifying Connectivity
        5. Host-to-Net Connections Using Pre-Shared Keys
        6. Host-to-Net Connections Using Certificates
          1. A Brief Explanation of Certificates and X.509
        7. Certificates with IPSec in IPCop
        8. Site-to-Site VPNs Using Certificates
        9. VPN Authentication Options
        10. Configuring Clients for VPNs
        11. The Blue Zone
          1. Prerequisites for a Blue Zone VPN
          2. Setup
      2. Summary
    13. 8. Managing Bandwidth with IPCop
      1. The Bandwidth Problem
      2. The HTTP Problem
      3. The Solutions: Proxying and Caching
      4. Introduction to Squid
      5. Configuring Squid
      6. Cache Management
        1. Transfer Limits
      7. Managing Bandwidth without a Cache
        1. Traffic Shaping Basics
        2. Traffic Shaping Configuration
        3. Adding a Traffic Shaping Service
        4. Editing a Traffic Shaping Service
      8. Summary
    14. 9. Customizing IPCop
      1. Addons
      2. Firewall Addons Server
        1. Installing Addons
      3. Common Addons
        1. SquidGuard
        2. Enhanced Filtering
          1. Blue Access
        3. LogSend
        4. Copfilter
          1. Status
          2. Email
          3. Monitoring
          4. POP3 Filtering
          5. SMTP Filtering
          6. HTTP Filter (and FTP)
          7. AntiSPAM
          8. AntiVirus
          9. Tests and Logs
        5. Up and Running!
      4. Summary
    15. 10. Testing, Auditing, and Hardening IPCop
      1. Security and Patch Management
        1. Why We Should Be Concerned
        2. Appliances and How this Affects Our Management of IPCop
      2. Basic Firewall Hardening
        1. Checking What Exposure Our Firewall Has to Clients
        2. What is Running on Our Firewall?
      3. Advanced Hardening
        1. Stack-Smashing Protector (Propolice)
        2. Service Hardening
      4. Logfiles and Monitoring Usage
        1. Establishing a Baseline with Graphs
        2. Logfiles
      5. Usage and Denial of Service
        1. CPU and Memory Usage
        2. Logged-In Users
        3. Other Security Analysis Tools
      6. Where to Go Next?
        1. Full-Disclosure
        2. Wikipedia
        3. SecurityFocus
        4. Literature
      7. Summary
    16. 11. IPCop Support
      1. Support
        1. User Mailing Lists
        2. Internet Relay Chat (IRC)
        3. Returning the Support
      2. Summary