Hi Guys
The best thigs in life are free, goes the saying, and this also includes firewalls. The IPCop project is a collaboration, the mission of which is, quite simply, to produce the best Linux-based firewall, primarily for home users and small businesses. The software is freely available for download, but the IPCop team accepts no monetary donations, Instead, it asks, where possible, for coding skills, time and hardware to be donated to help the project. Installation starts by downloading the appropriate ISO image and burning a bootable cd. Load this onto your donor system, answer a few simple questions and five minutes later your firewall is ready to go.
IPCop supports both IDE and SCSI hard disks, and demands on the disk system are minimal. Next you add an IP address for the LAN and then remotely connect to your new appliance via a browser. From version 1.4.1 will now automatically switch you over to a HTTPS session, although vers 1.4.4 is available. IPCop supports LAN and WAN connections. It can use extra network adaptors for DMZ (demilitarized zone) and wireless ports as well, although these must be set up during the installation phase. The WAN connection also supports PSTN, ISDN and ADSL modems, but check out the website first, as limited device support is probably IPCop's biggest weakness.
The system tab provides swift access to configuration backup facilities, password settings and a page that advises of any updates, as well as providing facilities for downloading and applying them. From the services tab, you can activate web proxy and caching features, decide on how much disk space the latter can use and whether to limit the size of file transfers. Along with many appliance vendors, IPCop uses the open-source "Snort" for intrusion detection you can download new attack rules directly onto the appliance. IPCop also supports VPN's and offers basic traffic shaping functions where you can prioritise sevices based on port numbers.
Where IPCop scores heavily over typical dumb NAT firewall boxes is with its high levels of operational information. Most low cost security appliances have virtually no reporting facilities, so you've no idea if they are handling the load or whether you have been subject to an attack. IPCop's firewall logs provide a wealth of information about each attack and its origin. The status tab keeps you well informed about system memory and disk resources, plus all services. There are plenty of graphs showing resource usage and all network activity on each configured interface. Further, there is a connection tracker that also keeps a record of all source and destination IP addresses in a table, colour coded for each interface.
The Firewall ISO is available from here:
www.ipcop.org
Here are a couple of screen shots, so you can see what I mean. The screenies are taken from a French version, so don't worry about the language difference lol
Give it a go if you think it suits your needs
PV
The best thigs in life are free, goes the saying, and this also includes firewalls. The IPCop project is a collaboration, the mission of which is, quite simply, to produce the best Linux-based firewall, primarily for home users and small businesses. The software is freely available for download, but the IPCop team accepts no monetary donations, Instead, it asks, where possible, for coding skills, time and hardware to be donated to help the project. Installation starts by downloading the appropriate ISO image and burning a bootable cd. Load this onto your donor system, answer a few simple questions and five minutes later your firewall is ready to go.
IPCop supports both IDE and SCSI hard disks, and demands on the disk system are minimal. Next you add an IP address for the LAN and then remotely connect to your new appliance via a browser. From version 1.4.1 will now automatically switch you over to a HTTPS session, although vers 1.4.4 is available. IPCop supports LAN and WAN connections. It can use extra network adaptors for DMZ (demilitarized zone) and wireless ports as well, although these must be set up during the installation phase. The WAN connection also supports PSTN, ISDN and ADSL modems, but check out the website first, as limited device support is probably IPCop's biggest weakness.
The system tab provides swift access to configuration backup facilities, password settings and a page that advises of any updates, as well as providing facilities for downloading and applying them. From the services tab, you can activate web proxy and caching features, decide on how much disk space the latter can use and whether to limit the size of file transfers. Along with many appliance vendors, IPCop uses the open-source "Snort" for intrusion detection you can download new attack rules directly onto the appliance. IPCop also supports VPN's and offers basic traffic shaping functions where you can prioritise sevices based on port numbers.
Where IPCop scores heavily over typical dumb NAT firewall boxes is with its high levels of operational information. Most low cost security appliances have virtually no reporting facilities, so you've no idea if they are handling the load or whether you have been subject to an attack. IPCop's firewall logs provide a wealth of information about each attack and its origin. The status tab keeps you well informed about system memory and disk resources, plus all services. There are plenty of graphs showing resource usage and all network activity on each configured interface. Further, there is a connection tracker that also keeps a record of all source and destination IP addresses in a table, colour coded for each interface.
The Firewall ISO is available from here:
www.ipcop.org
Here are a couple of screen shots, so you can see what I mean. The screenies are taken from a French version, so don't worry about the language difference lol
Give it a go if you think it suits your needs
PV
