ipcop rocks my socks
Written by jlgaddis on January 17, 2006 – 10:58 pm -It’s official. IPCop rocks my socks.
From the site, “IPCop Firewall is a Linux firewall distribution geared towards home and SOHO (Small Office/Home Office) users. The IPCop interface is very user-friendly and task-based. IPCop offers the critical functionality of an expensive network appliance using stock, or even obsolete, hardware and OpenSource Software.“
I had originally planned on installating SmoothWall at home, but apparently it doesn’t include SCSI support. Normally, this wouldn’t be an issue except that the box I wanted to use is a Dell PowerEdge 1300. It’s an old box, P2-450MHz, 384MB RAM, 2×9.1GB SCSI drives, and it would fit the bill perfectly. Unfortunately, the only IDE drive in it is a CD-ROM. I came across IPCop, which is based off of SmoothWall, but it has SCSI support.
I removed the 2Wire “residential gateway” (ADSL modem/router/WiFi) box from service, and replaced it with an old Westell “dumb bridge” that served me for a few years when I lived in Mitchell and had my DSL through Blueriver. SBC, my current DSL provider, requires one to use PPPoE to logon, which IPCop handles with ease. The Dell server, running IPCop handles the PPPoE connection and also does DNS and DHCP for the local network. The “other end” of the IPCop box runs into a Cisco switch, which all of the other LAN devices plug into.
IPCop has proven stable, and I haven’t had a single issue since I set it up. They have sure packed a helluva lotta power into a 40 MB ISO image: Firewalling, IPSec (for VPNs), DNS and DHCP servers, an intrusion detection system (Snort), a proxy server (Squid), and NTP and web servers. They built a nice little web-based GUI on top of it, meaning even non-Linux or non-I.T. people can manage it. The only issue I have is that their web-based GUI runs on port 445/TCP, which many companies may block since that’s also the port used by Windows filesharing traffic. My own company blocks 445/TCP at the edge for that very reason, meaning I can’t reach the web-based GUI from my office (well, I can, but it requires some trickery).
It’s actually working so well that I just set it up last night at a customer’s site. I’m sure they’ll be very pleased (they are thus far), but I’ll wait until it’s been “in production” for a bit before I post anything about how it’s working out for them.
Anyone else currently using IPCop (or have used it in the past)? Did you run into any issues? Is it working well? Are there other options you would recommend?
Tags: linux, networking, open-source, security | No Comments »
January 18th, 2006 at 10:35 am
I tested it out for a while and just decided it was more than I needed. Not only that, I really didn’t want to dedicate a machine solely to being a firewall/IDS/proxy/kitchensink. Overall, it is a very impressive solution for being free and in such a small package.
For about 2 years, I have relied on a Linksys WRT54G with a custom linux distro to provide firewalling and port forwarding. Anything needing internal access was handled via SSH and SSH port forwarding which was running on my webserver. In the next month, I plan on moving to a Zyxel Zywall 70 firewall with IPSec VPN. It is a pretty expensive (~$1000) device but it was “free” after a magazine review and will allow me to do QoS so that bittorrent won’t saturate my link and slow down my website traffic. Instead of an IDS, I will be adding Argus to my webserver to keep track of all network traffic and have a reference if an incident ever does occur.
Anyways…that was more than I planned on writing. I wish you continued good luck with it. Keep us updated on your experience with it.
-jhs
January 21st, 2006 at 9:23 am
[...] A couple of days ago, I wrote “IPCop Rocks My Socks” in which I told about installing and setting up IPCop for my home office use. I have to say, I still haven’t had a single issue with. [...]