How good is IPCop?

depam · 05-03-2006, 02:18 AM

Hi Guys!

I installed IPCop on my P3 unit. I am kinda new to networking and in security. I just want to have an idea if IPCop can really withstand all the attacks from the hackers? I mean, i like the distro because it doesn't only offer firewall but a internet sharing so to speak. Are there any security holes in IPCop? If so, can you suggest a strong firewall distro? Thanks.

satinet · 05-03-2006, 05:25 AM

it's specifically hardened for the job. You need to install security updates as they appear - but this is the same for any firewall.

Yes, it is a good firewall. most hardware firewalls are based on unix or linux, which shows that it's a good platform for this sort of thing.

i would suggest it's more effective than most cheap hardware based firewalls. Unless your going to invest hundreds in something like a nokia ip40 then i think you've made a good choice........

2damncommon · 05-03-2006, 07:35 PM

Consider what IPCop is. It is a small system that only has what IPCop needs. In other words, IPCop does not even have most of the programs that have vulnerabilities, probably unlike your personal desktop. As satinet mentions, you want to keep up on any updates to be sure any security holes are closed.
I have run both IPCop and Smoothwall on a Pentium 100 with 32MB RAM as my firewall for years.
I do not believe any firewall solution is 100%. I give both Smoothwall and IPCop very high marks.

satinet · 05-04-2006, 03:35 AM

yeah, i've used ipcop and smoothwall and they were great. However, now i've got a netgear router,firewall,wireless,modem thingie that's okay too.

m0n0wall has some cool features, so it's also worth checking out........

blahpony · 05-04-2006, 12:42 PM

I've been using IPCop for a few months now. It works quite well. I have it running on a PIII 450 with 256 megs of ram and a 4.3 gig hard drive. Very good use for older hardware that otherwise would be gathering dust.

satinet · 05-04-2006, 01:49 PM

can you do packet shaping on IP cop?

it's ages since i used it.....

depam · 05-05-2006, 07:19 PM

IPCop has a traffic shaping feature. Our bandwidth is just 512 so I need to allocate only 256 kbps for the users. Anyway, you told me that you need to have security updates to assure IPCop is secure. What do you mean by this? I see to it that I update the snort intrusion detection. Is that enough already?

Alphamale · 05-05-2006, 10:47 PM

I have installed ipcop _firewall_ at alot of my clients...and using it myself at home and at the office. Can truely say that IT WORKS. Hav also see virus infections going down since..
Makes installing a gateway/proxy/firewall a breeze.

satinet · 05-06-2006, 02:18 PM

i'm just saying that the IP cop people release updates from time to time..... which they do. so i would advise to install them, but that said i wouldn't worry too much.......

depam · 05-06-2006, 06:39 PM

Guys,

I've recently installed Advproxy in IPcop. I need some authentication features and Advproxy works well on doing such things. However, my problem is that port 80 became open even on the external network. I tried to nmap our network from the outside and it says port 80 Squid http proxy is open. I also tried to telnet using a linux box and it went in. Although the windows could not connect using the telnet. Is this a security issue on advproxy? I mean, does that mean I am having a open proxy?