evilrouters.net

A couple of days ago, I wrote “IPCop Rocks My Socks” in which I told about installing and setting up IPCop for my home office use. I have to say, I still haven’t had a single issue with.

Since the initial installation, I’ve installed two add-ons from firewalladdons.sourceforge.net: Cop+ and Logsend.

Cop+ is “a DansGuardian bundle of addons designed for a small office environment”. In a nutshell, it’s DansGuardian packaged up for IPCop. I don’t really need this content-filtering at home, but I’m implementing this exact setup for a customer so I wanted to test everything out first, of course. It’s been working flawlessly.

The second add-on I installed was Logsend. “This includes DShield, and Logcheck. It also adds the ability to send DansGuardian, Squid Proxy, and Snort logs to the Adminstrator. DShield, checks your firewall logs for possible intrusion and mails a copy to DShield. LogCheck, checks your firewall logs and Mails the report to the Administrator.”

Logsend will take the various logs that are recorded throughout the day and send them to an administrator overnight. This will be real handy for the customer mentioned above, who previously had this functionality with their previous network appliance. The ability to send logs to dshield is just something I like. When I can help out without having to do anything, that’s a win-win! I have been to a SANS conference and hold a GIAC certification, so I’m all for helping out the SANS guys whenever possible.

I mentioned previously that I had set up IPCop for a customer. I haven’t heard a single complaint as of yet (always a good thing!), though none of the users should have known a difference. I love it when you can complete replace the supporting infrastructure and no one notices — that means you did it right! This evening, after they close, I’ll be adding in the Dansguardian piece. This will make them CIPA-compliant once again (which is a requirement for them) — this is a public library, by the way.

Also, I’ve found somewhere else to deploy this solution! The College that I work for has a computer lab in a building on “the hill”, which is a section of town that is basically “the projects”. There’s a Windows-based content-filtering proxy in use over there right now, but it was commercial, of course, and we’ve had some issues with it previously. I got the okay from my boss to implement this same IPCop+DansGuardian setup there. The nice thing is, we’ll have the ability to administer it from anywhere, which will come in handy the first time someone calls to report a problem in/with the computer lab.

Anyways, I’ll keep everyone updated — this promises to be fun and interesting. As always, I’m interested in hearing about anyone else’s experiences with anything mentioned here.