Domain: ipcop.org
Stories and comments across the archive that link to ipcop.org.
Comments · 116
-
IPCop has one
The IPCop Firewall Distro comes with snort and has an easy-to-understand web interface and a decent set of default rulesets. Unfortunately, tuning the rules cannot be done through the web interface, but you can log in and tweak with a text editor.
Cheers,
Jim -
Re:Wanna do it cheap??
I did it with an old Pentium 75 (free from an aunt who'd upgraded and wanted rid of the old box), a couple $5 bargain bin ISA NICs and a copy of IPCop. So, including the cd I burned the ISO onto, less than $11 Canadian. It worked so well I built another one with an old P100 at work to share out a DSL line. So, yeah...no need to illegally obtain software when, for what 99.9% of us need it for, the free stuff is perfect. And if you actually *need* a router worth that kind of coin, you should have no problem getting the money. So what else, besides freesco and ipcop is everyone using for routers? (free/legal options only ;) -
Re:Why not use Smoothwall v2.0
I recommend avoiding smoothwall (search usenet for "richard morrell smoothwall" for more info..).
Try IPCOP for a GPL fork of smoothwall that is not a hidden attempt at selling things and is GPL in spirit, not just name.
This article shouldn't have been how to make a pix, it should be how to make a legal, cheap, open source alternative to one. -
Help out OpenSource Projects
Look into IPCop or come out to a local user group (LUG). Both have people with skills and they want to help out. At the same time, they and you will give back, by helping bring others up to speed with both knowledge and questions. So do a presentation, or start a security SIG.
Yes, joining CERT notices or Bugtraq will be your first information feed, but it is putting it into action by talking to friends, testing firewalls, and helping others that gets the information in use.
-
Make them "kind of" separate
The best way to maintain security in this type of situation is to create logically separate networks. This doesn't mean that you have to buy completely new network equipment and never have the two networks touch.
What you need is a firewall with multiple interfaces. You could go commercial and buy something like a Watchguard Firebox or set up a cheap linux box and use a pre-packaged linux firewall like IPCop or SmoothWall where you just boot off a cd and install/configure a Linux firewall.
What you end up setting up is a DMZ. You would have a "Trusted" interface that could be your private library network, a DMZ interface that could be your public access network, and an external interface that is your connection to the Internet.
You could set up the IPs as 192.168.0.0/24 for the trusted, 192.168.100/24 for the DMZ, and use your external ip segment for the external. You still can use all of the same network hardware that you have in place.
Hope this helps.
-
Less Hassle
I think making special-purpose distros is a good idea. If I can borrow a disk from a friend, install it on a box and have everything I need to start creating music, this is a tremendously hassle-free way to put their hardware to good use.
One of my friends is a composer and a musician - he's also a programmer, but he has *no* Linux/Unix experience at all - could a distro like this help him get started? Sure.
How about a music teacher at a highschool? Don't count on him/her having much computer experience at all - given teacher salaries and the typical equipment in schools, he or she would probably welcome something like this.
I just don't see how focusing an effort on specializing a distro has any bad effect on other, more general distros. It takes nothing away, just adds...
Look at the demand for Firewall distros like IPCop. (My personal favorite!) With that, I can dl a 20mb iso and have a working firewall in 20 minutes - I don't have to go in and disable a lot of services the way I would if I had started with any of the standard distros.
Just my opinion...
Cheers,
Jim in Tokyo -
Ripped from my bookmarks: other distros
Some other fits-onna-floppy distros; many of these are security-focused, firewall-appliance type efforts. Disclaimer, this list is of stuff I want to check out when I get the time: I've no idea how good or bad they are, beyond Theo's famous comment about entrusting the most important piece of one's network to the most unreliable piece of hardware in modern computers (approximately). Some of them may actually NOT be floppy-distros, I need to clean up these bookmarks... jesus where did the time go... *sigh*
- http://www.superant.com/smalllinux/
- http://ibiblio.org/vectorlinux/
- http://www.zelow.no/floppyfw/
- http://www.xandros.net/
- http://www.gentoo.org/
- Smoothwall ...
- http://www.ipcop.org/
- http://www.mandrakesoft.com/products/snf
- http://www.freesco.org/
- http://www.coyotelinux.com/
- http://leaf.sourceforge.net/
- http://www.gnatbox.com/Pages/gblight.html (this one's based on BSD IIRC)
- http://www.bbiagent.com/
- http://www.clarkconnect.org/
- http://www.linux-firewall-tools.com/
- http://www.superant.com/smalllinux/
-
Summary of mentioned firewalls, and a question
It looks like a lot of the Linux-based firewalls I've seen recommended here use ipchains with the 2.2 kernel instead of iptables with the 2.4 kernel. As far as I understand, this would mean they can't do connection tracking for things like FTP and IRC. Here's what I'm able to figure out so far...
Firewalls using iptables with 2.4.x kernel:
- Astaro Security Linux: kernel 2.4.x
- BBIAgent: kernel 2.4.13
- ClarkConnect: iptables, kernel 2.4.9-31 (RH 7.2)
- Trinux: iptables, kernel 2.4.x (Slackware)
Firewalls using ipchains with 2.2.x kernel:
- Coyote Linux: kernel 2.2.19
- IPCop: kernel 2.2.x
- LEAF/LRP/Dachstein: kernel 2.2.19
- Mandrake SNF: kernel 2.2.19
- Smoothwall: kernel 2.2.19
Firewalls using ipfwadm with 2.0.x kernel:
My question is, isn't it best to use an iptables-based firewall on a 2.4.x kernel instead of an ipchains- or ipfwadm-based firewall on a 2.2.x or 2.0.x kernel? I definitely want the connection tracking capabilities in the 2.4.x kernel, especially for screwy things like FTP, IRC, etc. (Yes, I know there is an IRC connection tracking patch out now for 2.4 kernels...) Is a kernel that doesn't support connection tracking for firewalls a reasonable option these days? -
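What connection tracking does for active-mode FTP, the case the question above raises, as a toy Python model. This is an added example, not code from the comment or from any of the firewalls listed; `FtpTracker`, its methods and the addresses are hypothetical, and NAT is ignored.

```python
import re

# Active-mode FTP: the client sends "PORT h1,h2,h3,h4,p1,p2" on the control
# channel, then the server connects back from port 20 to that address and port.
PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n$")

class FtpTracker:
    """Toy stateful filter in front of one client network (model only)."""

    def __init__(self):
        self.established = set()  # (client_ip, client_port, server_ip, server_port)
        self.expected = set()     # (server_ip, client_ip, client_port) data conns

    def outbound(self, src, sport, dst, dport, payload=b""):
        """Client-to-server packet: allowed, and remembered as state."""
        self.established.add((src, sport, dst, dport))
        m = PORT_RE.match(payload) if dport == 21 else None
        if m:
            nums = [int(g) for g in m.groups()]
            if all(n <= 255 for n in nums):
                ip = ".".join(map(str, nums[:4]))
                port = nums[4] * 256 + nums[5]
                # Assumption of this model: honour only a PORT that names the
                # sender itself and an unprivileged port.
                if ip == src and port >= 1024:
                    self.expected.add((dst, src, port))
        return "ACCEPT"

    def inbound(self, src, sport, dst, dport):
        """Server-to-client packet: allowed only if recorded state matches."""
        if (dst, dport, src, sport) in self.established:
            return "ACCEPT (ESTABLISHED)"
        if sport == 20 and (src, dst, dport) in self.expected:
            self.expected.discard((src, dst, dport))   # expectation is one-shot
            self.established.add((dst, dport, src, sport))
            return "ACCEPT (RELATED)"
        return "DROP"

def demo():
    fw, out = FtpTracker(), []
    client, server = "192.168.0.10", "203.0.113.5"    # constructed addresses
    fw.outbound(client, 40000, server, 21, b"USER anonymous\r\n")
    out.append(fw.inbound(server, 21, client, 40000))  # control-channel reply
    out.append(fw.inbound(server, 20, client, 50001))  # data conn, not announced
    fw.outbound(client, 40000, server, 21, b"PORT 192,168,0,10,195,81\r\n")
    out.append(fw.inbound(server, 20, client, 50001))  # announced: 195*256+81
    out.append(fw.inbound("198.51.100.9", 20, client, 50001))  # different host
    return out

if __name__ == "__main__": print(demo())
```

A filter without this state sees the second and third inbound packets as identical, so it must either drop both or accept any inbound connection from source port 20.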
Try IPCop
Anybody who has heard of Smoothwall has heard 1) It works like a charm, 2) The support involves calling people assholes and telling them to fuck off.
IPCop works just like Smoothwall for now. The next version has some incredible features that will take you to places you can only go with Smoothwall if you're willing to pay, if you can go there at all. Plus, the support is quick and friendly.
I use IPCop at home, at work and set it up for friends and couldn't be happier.
It has IDS, VPN, a web proxy...eh, I could go on and on. Go check out the page!
Long live IPCop!
-
Re:File systems - Not all
IPCop now is using Ext3. See features of V0.1.1. 2.4 Kernel and IPTables in V0.2
-
May I suggest IPCop
http://www.ipcop.org/
It started as a fork of SmoothWall (without the
attitude) and has grown steadily since.
I encourage everyone to check it and the mailing lists out! -
Re:Smoothwall
Yep, Morrell is definitely someone to watch out for. He threatens, harasses, and insults practically anyone that doesn't tell him Smoothwall's the greatest thing since using the GPL as a way to fork off to a commercial product after getting overenthusiastic community ego boosting.
He's gone so far as to make legal quasi-threats against me and other critics of his treatment of Smoothwall users. He's driven away enough developers that the IPCop project was formed and seems to have done quite a good job at proving themselves to have intentions of being more than just another forked project. IPCop has performed just wonderfully for me since my abandonment of Smoothwall.
For the morbidly curious, I have an archive of my emailing back and forth with Richard on this webpage. -
IPCop
Give IPCop a go. Very similar to Smoothwall without the "attitude" that some people suffer from.
-
Re: Attitude Problems with Smoothwall Developers
for this reason, (and others) there has been a fork from smoothwall gpl to create a new project called ip cop. you can download a beta .iso from the website. ipcop.org
for me it was a straightforward switch from smoothwall to ipcop. easiest install of any operating system i've ever seen. ipcop supports ext3 (for no extra cost!) which is great for unplanned reboots. -
No more comments on Morrell, please! Try IPCop!
As your momma always said: 'If you don't have anything good to say about someone, don't say it' or 'if someone keeps "bothering" you, just stay away from them.' It's as simple as that.
So if you don't like Richard Morrell, head of the SmoothWall project, consider:
- ignoring him
- the fact that SmoothWall is free software and freely supported (regardless of the "requests" for monetary support made)
- disregarding SmoothWall altogether, if it really "bothers" you that much (see below)
Personally, I'm sick of the "one-sided" reporting on Mr. Morrell. I've seen way too many people "complain" about him, but never comment on various personal details that are partially the cause of this -- let alone the daily onslaught of Windows users who've barely heard of Linux, who don't bother reading the FAQ, let alone demand that SmoothWall automagically support every little, crappy-designed Windows application and their proprietary protocols that don't work well with firewalls anyway. After a week of being on the SmoothWall lists, I'd kill some very rude and ungrateful users well before Morrell. If you feel Morrell is "really bad for the project," then that's his problem, not yours!
Now if you still want something like SmoothWall without the SmoothWall(TM), take notice that others have forked the project into a new one called IPCop. Version 0.1.0 features SmoothWall 0.9.9, all the major post-0.9.9 patches and various enhancements. A final 0.1.1 release is to follow shortly before the team starts to work on version 0.2.0, a Linux 2.4/Netfilter implementation.
For all I care, you can think of IPCop as "SmoothWall without Morrell." Just don't say it out loud since many of us are all sick of hearing it!