Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
08-05-2003, 05:24 AM
|
#1
|
LQ Newbie
Registered: Feb 2003
Posts: 20
Rep:
|
IPCop
Hi all
I've been mulling over which distr. to use when setting up a firewall. Basically it will be for home system protection. The internet connection will be ADSL (broadband, or whatever other sales speek it's called)..
OK so I've been thinking that the less software apps, etc I have on the firewall machine the beter. I've been thinking about installing IPCop, as all that machine will be doing is firewalling..
any suggestions ?
do I really need to install RH / SUSE / whatever ???
thanks
G
|
|
|
08-05-2003, 07:48 AM
|
#2
|
Member
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238
Rep:
|
Yup ipcop needs an OS to run on. From ipcop.org:
"Requirements
It should theoretically be possible to build IPCop on any RPM 4.x based Linux platform. The build process has only been tested on Mandrake 8.1, Redhat 7.1, Redhat 7.2 and Redhat 7.3. Redhat 8.0 and later will NOT work. If you have more information, please send an e-mail to Troy McNeill .
You should have at least the following to build IPCop:
A broadband connection; you need to download close to 100MB in sources.
An RPM 4.x based Linux distribution.
egcs (kgcc)
dev86
gmp and gmp-devel (or libgmp and libgmp-devel) packages; required for building FreeS/Wan.
Builds appear to be done on a daily basis of IPcop from the CVS. From here you can build yourself a working IPCOP system! you can now drop the 'baggage' forever! "
That said a minimal install of an OS is all that is needed. Add routing and whatever packet filter software the OS uses and go from there.
|
|
|
08-05-2003, 08:21 AM
|
#3
|
Member
Registered: Feb 2003
Location: Somewhere, UK
Distribution: Slack, OpenBSD, Debian, SuSE
Posts: 189
Rep:
|
erm ... no, your wrong
cyph3r7 is a little confused, IPCop is NOT any sort of program etc. it is a distrobution in its own right, therefore, no other installation of any other distro is needed, all IPCop is is a scaled down distrobution with very minimal program sets etc. which is geared up towards providing security
it is possibly the easiest install I've ever done, download the iso, burn it to a cd, get your machine that you want to install it on (it will format the drive so make sure all important data is removed) and there you go, if you cant work it out from there on then ....
|
|
|
08-05-2003, 08:54 AM
|
#4
|
LQ Newbie
Registered: Feb 2003
Posts: 20
Original Poster
Rep:
|
phew..
thought I was going a bit loony for a while there, cause I was sure I didn't need an OS for it.
busy installing as we speaketh..
erm..does one need to start the GUI or does that start automatically once installed ?
G
|
|
|
08-05-2003, 09:30 AM
|
#5
|
LQ Newbie
Registered: Feb 2003
Posts: 20
Original Poster
Rep:
|
would you say this is agood plan ?
or would you recommend that I install an OS and just use iptables ?
My original thoughts were to keep it simple but if anyone knows of something I may come across , which Ipcop doesn't provide, give me a shout.
thanks for the help
G
|
|
|
08-05-2003, 10:19 AM
|
#6
|
Member
Registered: Jul 2003
Distribution: Ubuntu, SUSE
Posts: 79
Rep:
|
I'm also considering setting up a dedicated Linux firewall (free) for a very small business that I administer. I need something with more security than our Linksys BEFSR41 router. I'm not sure if this is the best choice for me or not- basically I need the reliability (basically 100% uptime) of our router, ease-of-use (full web GUI admin), and I need to be able to set it up once, then forget about it. (We have very little time for system admin, I have other jobs there too!) Aside from that, I definitely need NAT, GUI MAC address cloning configuration, and GUI DMZ configuration. Should I consider IPcop, Smoothwall, Clarkconnect, or something else? Can someone also explain exactly what security benefits these will provide, compared to the NAT and port-shrouding that we rely on now? Thanks for the help!
|
|
|
08-05-2003, 11:46 AM
|
#7
|
Member
Registered: Apr 2003
Location: Silicon Valley East, Northern Virginia
Distribution: FreeBSD,Debian, RH, ok well most of em...
Posts: 238
Rep:
|
would have helped had I RTFM!
|
|
|
08-12-2003, 05:43 PM
|
#8
|
LQ Newbie
Registered: Aug 2003
Location: Scotland
Posts: 3
Rep:
|
ipcop firewall and isdn question
I currently use ipcop on my small business network and am impressed. I run two machines with ipcop, one for 56k dial up, the other for a 64k isdn. I want to use the other 64k isdn channel with another ipcop machine but don't know if it can be done. My isp does not support 128k so I can't channel bond. I have two isdn numbers therefore I should be able to tell each ipcop machine which channel to use, I think! Any ideas anyone? Sorry if you have read this before under the software forum but I posted this as my first post but it did not appear!!
Thanks
|
|
|
06-22-2006, 02:40 PM
|
#9
|
LQ Newbie
Registered: Jun 2006
Posts: 6
Rep:
|
Does anyone know if IPCop can be used as a filter and not as a firewall. Do you have to use two interface colors? I got green set up with ISDN disabled and was able to access the GUI but couldnt access the internet, which i need to access to get updates. when i tried using the red interface (yes I installed another NIC) i cant even reach the GUI anymore. please help.
oh there is already a firewall on my network, i am just trying to test out IPCop to use as a Web content filter and possibly for spam filtering. I would really apreciate any help someone can give me.
|
|
|
06-22-2006, 03:57 PM
|
#10
|
Member
Registered: Aug 2005
Distribution: Debian, OpenBSD, PFsense
Posts: 73
Rep:
|
Quote:
Originally Posted by whitedad
Does anyone know if IPCop can be used as a filter and not as a firewall. Do you have to use two interface colors? I got green set up with ISDN disabled and was able to access the GUI but couldnt access the internet, which i need to access to get updates. when i tried using the red interface (yes I installed another NIC) i cant even reach the GUI anymore. please help.
oh there is already a firewall on my network, i am just trying to test out IPCop to use as a Web content filter and possibly for spam filtering. I would really apreciate any help someone can give me.
|
you should rather use something like clarkconnect if you don't need the firewall in IPcop as it's main purpose is to be a firewall, in the installation of clarkconnect you can select the packages you need, so you don't have to install a firewall, though if you do not have a firewall it's easy to bypass your proxy filtering by manually setting a proxy
|
|
|
All times are GMT -5. The time now is 12:50 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|