Configuring IPCop Firewalls: Closing Borders with Open Source
暫譯: 配置 IPCop 防火牆：以開源技術封閉邊界

IPCop is a powerful, open source, Linux based firewall distribution for primarily Small Office Or Home (SOHO) networks, although it can be used in larger networks. It provides most of the features that you would expect a modern firewall to have, and what is most important is that it sets this all up for you in a highly automated and simplified way.

This book is an easy introduction to this popular application. After introducing and explaining the foundations of firewalling and networking and why they're important, the book moves on to cover using IPCop, from installing it, through configuring it, to more advanced features, such as configuring IPCop to work as an IDS, VPN and using it for bandwidth management. While providing necessary theoretical background, the book takes a practical approach, presenting sample configurations for home users, small businesses, and large businesses. The book contains plenty of illustrative examples.

Table of Contents

• Preface

 

• Chapter 1: Introduction to Firewalls
  • An Introduction to (TCP/IP) Networking
  • The Purpose of Firewalls
  • The OSI Model
    • Layer 1: The Physical Layer
    • Layer 2: The Data Link Layer
    • Layer 3: The Network Layer
    • Layer 4: The Transport Layer
    • Layer 5: The Session Layer
    • Layer 6: The Presentation Layer
    • Layer 7: The Application Layer
  • How Networks are Structured
    • Servers and Clients
    • Switches and Hubs
    • Routers
    • Routers, Firewalls, and NAT
      • Network Address Translation
      • Combined Role Devices
  • Traffic Filtering
    • Personal Firewalls
    • Stateless Packet Filtering
    • Stateful Packet Filtering
    • Application-Layer Firewalling
    • Proxy Servers
  • Other Services Sometimes Run on Firewalls
    • DNS
    • DHCP
  • Summary

 

• Chapter 2: Introduction to IPCop
  • Free and Open Source Software
    • Forking IPCop
  • The Purpose of IPCop
  • The Benefits of Building on Stable Components
  • The Gap IPCop Fills
  • Features of IPCop
    • Web Interface
    • Network Interfaces
    • The Green Network Interface
    • The Red Network Interface
      • USB and PCI ADSL Modems
      • ISDN Modems
      • Analog (POTS) Modems
      • Cable and Satellite Internet
    • The Orange Network Interface
    • The Blue Network Interfaces
    • Simple Administration and Monitoring
    • Modem Settings
    • Services
      • Web Proxy
      • DHCP
      • Dynamic DNS
      • Time Server
      • Advanced Network Services
      • Port Forwarding
  • Virtual Private Networking
    • ProPolice Stack Protection
  • Why IPCop?
  • Summary

 

• Chapter 3: Deploying IPCop and Designing a Network
  • Trust Relationships between the Interfaces
  • Altering IPCop Functionality
  • Topology One: NAT Firewall
  • Topology Two: NAT Firewall with DMZ
  • Topology Three: NAT Firewall with DMZ and Wireless
  • Planning Site-To-Site VPN Topologies
  • Summary

 

• Chapter 4: Installing IPCop
  • Hardware Requirements
  • Other Hardware Considerations
  • The Installation Procedure
    • Installation Media
    • Hard Drive Partitioning and Formatting
    • Restore Configuration from Floppy Backup
  • Green Interface Configuration
    • Finished?
    • Locale Settings
    • Hostname
    • DNS Domain Name
    • ISDN Configuration
    • Network Configuration
      • Drivers and Card Assignment
      • Address Settings
    • DNS and Default Gateway
    • DHCP Server
    • Finished!
  • First Boot
  • Summary

 

• Chapter 5: Basic IPCop Usage
  • The System Menu
    • Software Updates
    • Passwords
    • SSH Access
      • Connecting to SSH
      • A Little More about SSH
    • GUI Settings
    • Backup
    • Shutdown
  • Checking the Status of Our IPCop Firewall
  • Network Status
    • System Graphs
    • Network Graphs
    • Connections
  • Services
    • DHCP Server
    • Dynamic DNS
    • Edit Hosts
    • Time Server
  • Firewall Functionality
    • External Access
    • Port Forwarding
    • Firewall Options
    • Network Troubleshooting with Ping
  • Summary

 

• Chapter 6: Intrusion Detection with IPCop
  • Introduction to IDS
  • Introduction to Snort
  • Do We Need an IDS?
  • How Does an IDS Work?
  • Using Snort with IPCop
  • Monitoring the Logs
    • Priority
  • Log Analysis Options
    • Perl Scripts
    • ACID and BASE
  • What to Do Next?
  • Summary

 

• Chapter 7: Virtual Private Networks
  • What is a VPN?
    • IPSec
    • A Little More about Deploying IPSec
    • Prerequisites for a Successful VPN
    • Verifying Connectivity
    • Host-to-Net Connections Using Pre-Shared Keys
    • Host-to-Net Connections Using Certificates
      • A Brief Explanation of Certificates and X.509
    • Certificates with IPSec in IPCop
    • Site-to-Site VPNs Using Certificates
    • VPN Authentication Options
    • Configuring Clients for VPNs
    • The Blue Zone
      • Prerequisites for a Blue Zone VPN
      • Setup
  • Summary

 

• Chapter 8: Managing Bandwidth with IPCop
  • The Bandwidth Problem
  • The HTTP Problem
  • The Solutions: Proxying and Caching
  • Introduction to Squid
  • Configuring Squid
  • Cache Management
    • Transfer Limits
  • Managing Bandwidth without a Cache
    • Traffic Shaping Basics
    • Traffic Shaping Configuration
    • Adding a Traffic Shaping Service
    • Editing a Traffic Shaping Service
  • Summary

 

• Chapter 9: Customizing IPCop
  • Addons
  • Firewall Addons Server
    • Installing Addons
  • Common Addons
    • SquidGuard
    • Enhanced Filtering
      • Blue Access
    • LogSend
    • Copfilter
      • Status
      • Email
      • Monitoring
      • POP3 Filtering
      • SMTP Filtering
      • HTTP Filter (and FTP)
      • AntiSPAM
      • AntiVirus
      • Tests and Logs
    • Up and Running!
  • Summary

 

• Chapter 10: Testing, Auditing, and Hardening IPCop
  • Security and Patch Management
    • Why We Should Be Concerned
    • Appliances and How this Affects Our Management of IPCop
  • Basic Firewall Hardening
    • Checking What Exposure Our Firewall Has to Clients
    • What is Running on Our Firewall?
  • Advanced Hardening
    • Stack-Smashing Protector (Propolice)
    • Service Hardening
  • Logfiles and Monitoring Usage
    • Establishing a Baseline with Graphs
    • Logfiles
  • Usage and Denial of Service
    • CPU and Memory Usage
    • Logged-In Users
    • Other Security Analysis Tools
  • Where to Go Next?
    • Full-Disclosure
    • Wikipedia
    • SecurityFocus
    • Literature
  • Summary

 

• Chapter 11: IPCop Support
• Support
  • User Mailing Lists
  • Internet Relay Chat (IRC)
  • Returning the Support
• Summar

 

• Index