Configuring IPCop Firewalls

    Date09 Nov 2006
    CategoryBook Reviews
    Posted ByBrittany Day
    IPCop is a tool that can be deployed in almost any place within a network and serve a functional purpose. It has an intuitive easy to use interface that is great for users of any level. And the fact that no prior Linux or IPCop knowledge is required is just another bonus.

    Date: 10 Nov 2006

    IPCop is a tool that can be deployed in almost any place within a network and serve a functional purpose. It has an intuitive easy to use interface that is great for users of any level. And the fact that no prior Linux or IPCop knowledge is required is just another bonus.

    TitleConfiguring IPCop Firewalls: Closing Borders with Open Source
    AuthorBarrie Dempster and James Eaton-Lee
    PublisherPackt Publishing
    Edition1st Edition (Sep 2006)


    Geared towards your average individual with a very limited knowledge of firewalling, networking, or even open source software in general Configuring IPCop Firewalls is an excellent starting point.


    As this book is geared towards those without prior knowledge of Linux or networking experience, it starts out simple. There are discussions of the OSI (Open Systems Interconnection) model, network design and structure, filtering and shaping devices, and dedicated hardware. The authors then move on to concepts more specific to IPCop and its intuitive interface. They talk about the different colored interfaces and how they apply to network traffic and network security.

    Chapter 3 then delves deeper into designing a network and creating a proper topology for your setup. At this point, the reader should have enough of an understanding to accomplish this task for an IPCop network.

    Now that you have a plan for your network, it is time to install IPCop. The next chapter takes you through the installation process in a step-by-step manner with the associated graphics.

    Although IPCop has the ability to be complex, the web interface makes many things very easy. Chapter 5 takes you through some basic usage of the web interface.

    Once the basics have been covered and the initial configuration out of the way, it is time to make the machine do what you want it to do. Chapter 6 takes the reader through configuring Snort, an IDS (Intrusion Detection System). It contains everything from log monitoring to log analyzers. Then moving onto VPNs (Virtual Private Networks), IPCop allows the user to easily setup anyone of the major protocols including IPSec, L2TP, PPTP, SSH, SSL, and even some of the proprietary VPN protocols that are publically available. You can even integrate Wifi access into the VPN interface (something not easily done on your average firewall).

    As bandwidth is universal problem, IPCop provides helper applications in this realm. There is a section of the web interface that is used to configure Squid, a proxy and caching server. IPCop also covers one of the majorly underused (partially because of its complexity) applications of traffic shaping and caching. By having an easy interface to prioritize traffic and access to the various services available via your network, you can create a very user friendly network.

    Finally the book wraps up with how to customize your configuration. These include such addons as SquidGuard for Squid, MAC address based filtering, remote logging, malware detection, and email scanning just to name a few. And with each addon, there is a web interface for configuring it. And as security is always an issue, which is likely the reason you set up IPCop to begin with, it also comes with a section on auditing, patch management and auditing.


    Firewalls have come a long way in the time that I have been working with computers. I had never even heard of IPCop prior to reading this book. And ever since I picked it up, I did an immediate install on a spare virtual machine to play around and immediately liked what I saw. Every time I came across something that I thought would be useful to do, I just referenced the book and it was easy enough to it setup, especially the VPN with IPSec.

    In my opinion, the best thing about Configuring IPCop Firewalls is the progressive approach the book takes to walking you through design, installation, setup, configuration, then hardening. Although this may seem trivial, this is a process that many (even in the industry) skip over and go right to implementation and end up paying for it in the long run. Since this book is geared towards newer users, it puts them into good habits that should be kept throughout their career with network administration.

    I would definitely recommend this book to someone with a straightforward network setup who wants to begin to delve deeper into the world of network administration. If the network is likely to be complex, then IPCop is not necessarily the way to go.

    Reviewed by:This email address is being protected from spambots. You need JavaScript enabled to view it.

    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"8","type":"x","order":"1","pct":61.54,"resources":[]},{"id":"88","title":"Should be more technical","votes":"3","type":"x","order":"2","pct":23.08,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"2","type":"x","order":"3","pct":15.38,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.