Upload File

configuring ipcop

7
This step by step guide Log into IPCop: - Before you manage IPC o Loca o Web o Secu - The termin Based Inter 1 Configuring IP e will teach you how to configure you configure IPCop, you must login to it Cop. al Terminal You can login to the terminal whi Login as root with the password y b Based Interface Go to http://192.168.1.1:81. You below. Click the Connect button. You wi password. Login as admin with the admin pa installing IPCop. This method is recommended bec here. ure Shell (SSH) Terminal After you enable SSH in the Web below), you will be able to login r This is almost identical to the Loc nal methods are rarely used because th rface is recommended. PCop ur new IPCop machine. t. There are three ways that you can ile being physically at the machine. you specified while installing IPCop. u will see a page similar to the one ill be prompted for a username and assword you specified while cause most of the settings are found Based Interface (see instructions remotely via SSH. cal Terminal method. they are harder to use. The Web

Upload: derekivey

Post on 12-Nov-2014

8.641 views

Category:

Documents


4 download

Report

DESCRIPTION

A step by step tutorial explaining how to configure IPCop.

TRANSCRIPT

Page 1: Configuring IPCop

This step by step guide will teach you how to

Log into IPCop:

- Before you configure IPCop, you must login to it. There are three ways that you can

manage IPCop.

o Local

o Web Based Interface

o Secure Shell (SSH) Terminal

- The terminal methods are rarely used because they are harder to use. The Web

Based Interface is reco

1

Configuring IPCop

This step by step guide will teach you how to configure your new

Before you configure IPCop, you must login to it. There are three ways that you can

manage IPCop.

Local Terminal

� You can login to the terminal while being physically at the machine.

� Login as root with the password you specified while installing IPCop.

Web Based Interface

� Go to http://192.168.1.1:81. You will see a page similar to the one

below.

� Click the Connect button. You will be prompted for a username and

password.

� Login as admin with the admin password you specified while

installing IPCop.

� This method is recommended because most of the settings are found

here.

Secure Shell (SSH) Terminal

� After you enable SSH in the Web Based Interface (see instructions

below), you will be able to login remotely via SSH.

� This is almost identical to the Local Terminal method.

The terminal methods are rarely used because they are harder to use. The Web

Based Interface is recommended.

IPCop

configure your new IPCop machine.

Before you configure IPCop, you must login to it. There are three ways that you can

terminal while being physically at the machine.

with the password you specified while installing IPCop.

. You will see a page similar to the one

button. You will be prompted for a username and

with the admin password you specified while

This method is recommended because most of the settings are found

SSH in the Web Based Interface (see instructions

below), you will be able to login remotely via SSH.

This is almost identical to the Local Terminal method.

The terminal methods are rarely used because they are harder to use. The Web

Page 2: Configuring IPCop

Enable SSH Access

- Once you are logged into the Web Based Interface, go to

- Check the checkbox titled

- Also, check

authentication

- Click Save.

Changing the Admin Password

- Go to System

- You should see a page similar to the one below.

- For the Admin user password

- Click Save.

Changing the Priority of Applications:

- One useful feature of IPCop is its ability to do QoS (quality of service).

- QoS allows you to give different services higher priority over other services.

- Go to Services

- To add a new service, Select a

the service uses, the

checkbox.

- Click Add to add the new service.

- To edit an existing service, find it in the Traffic shaping services box and click the

pencil icon beside it.

- Repeat the above steps to change it.

2

Enable SSH Access:

Once you are logged into the Web Based Interface, go to

Check the checkbox titled SSH Access.

Also, check Allow password based authentication

authentication.

Admin Password:

System -> Passwords.

You should see a page similar to the one below.

Admin user password box, type your new password and confirm it.

Changing the Priority of Applications:

useful feature of IPCop is its ability to do QoS (quality of service).

QoS allows you to give different services higher priority over other services.

Services -> Traffic Shaping to manage the services.

To add a new service, Select a Priority from the

the service uses, the Protocol that it utilizes (TCP or UDP), and check the

to add the new service.

To edit an existing service, find it in the Traffic shaping services box and click the

pencil icon beside it.

Repeat the above steps to change it.

Once you are logged into the Web Based Interface, go to System -> SSH Access.

Allow password based authentication and Allow public key based

box, type your new password and confirm it.

useful feature of IPCop is its ability to do QoS (quality of service).

QoS allows you to give different services higher priority over other services.

to manage the services.

drop down box, enter the Port that

that it utilizes (TCP or UDP), and check the Enabled

To edit an existing service, find it in the Traffic shaping services box and click the

Page 3: Configuring IPCop

Enabling the DHCP Server

- Go to Services

- Check the Enabled

- Enter your desired

address and

- For Primary DNS

your DNS servers, see the instructions below.

- Once you fill out those settings, your page should look similar to the image below.

- Click Save to save your changes.

Enabling Intrusion Detection

- To enable Intrusion Detection, go to

- Check the checkboxes for the interfaces that you want to enable it on. I checked

both the GREEN and RED interface

- In order to get the latest rules for Snort, you need to sign up on their website

(http://www.snort.org

- Once you have created an account and activated, login and go to their user

preferences section. Click “Get Code”

- Enter the code that is generated into the

- For Snort rules update

button.

- Click Save, wait for the page to reload

- Click Apply now

Port Forwarding:

- Go to Firewall

- Select the Protocol

- For Source port

network.

- For Destination port

3

Enabling the DHCP Server:

Services -> DHCP Server.

Enabled checkbox beside Green Interface

Enter your desired start and end addresses. I used

and 192.168.1.130 as my end address.

Primary DNS, enter the IP Address of your IPCop machine

your DNS servers, see the instructions below.

Once you fill out those settings, your page should look similar to the image below.

to save your changes.

Enabling Intrusion Detection:

To enable Intrusion Detection, go to Services -> Intrusion Detection

Check the checkboxes for the interfaces that you want to enable it on. I checked

both the GREEN and RED interface for my setup.

In order to get the latest rules for Snort, you need to sign up on their website

http://www.snort.org) for a free account.

Once you have created an account and activated, login and go to their user

preferences section. Click “Get Code”

Enter the code that is generated into the Oink Code

Snort rules update, select the Sourcefire VRT rules for registered users

, wait for the page to reload.

Apply now.

:

Firewall -> Port Forwarding.

Protocol that the service you are forwarding uses (TCP or UDP)

Source port, enter the port that you want to forward to a computer on your

Destination port, enter the port of the service on your computer.

Green Interface.

I used 192.168.1.100 as my start

, enter the IP Address of your IPCop machine. If you want to change

Once you fill out those settings, your page should look similar to the image below.

> Intrusion Detection.

Check the checkboxes for the interfaces that you want to enable it on. I checked

for my setup.

In order to get the latest rules for Snort, you need to sign up on their website

Once you have created an account and activated, login and go to their user

Oink Code textbox in IPCop.

Sourcefire VRT rules for registered users radio

that the service you are forwarding uses (TCP or UDP).

, enter the port that you want to forward to a computer on your

of the service on your computer.

If you want to change

Page 4: Configuring IPCop

- In most cases,

often different if you want to have two things which use the same port to be

forwarded (for example, 2 Xboxes).

- For Destination IP

want to forward the port to.

- Check the Enabled

- Once finished, you should have a page similar to the image below.

- Click Add to add the new port

Disable Ping Response

- Sometimes you

This is useful as it helps prevent hackers from finding your IP Address.

- It silently drops ICMP packets.

- To enable this setting, go to

- You have three options:

- For my setup, I selected

- Click Save.

Enabling the Network Time Server

- The network time server allows you to synchronize the time on all of the computers

on your network with your IPCop machine.

- To enable the time server, go to

- Check the Obtain time from a Network Time Server

- For Primary NTP Server

- You can also choose a

- To allow your client computers to sync with the IPCop machine, check the

time to local network

- Select how often you want the time to be updated. I chose to do it every day.

- Click Save, wait for

- Click Set Time Now

4

In most cases, Source port and Destination port

often different if you want to have two things which use the same port to be

forwarded (for example, 2 Xboxes).

Destination IP, enter the IP Address of the computer on your network that you

want to forward the port to.

Enabled checkbox.

Once finished, you should have a page similar to the image below.

to add the new port.

Disable Ping Response:

Sometimes you may want to prevent your IPCop machine from responding to pings.

This is useful as it helps prevent hackers from finding your IP Address.

It silently drops ICMP packets.

To enable this setting, go to Firewall -> Firewall Options

You have three options: No, Only RED, or All Interfaces.

For my setup, I selected Only RED, which only blocks pings coming from the internet.

Enabling the Network Time Server:

The network time server allows you to synchronize the time on all of the computers

etwork with your IPCop machine.

To enable the time server, go to Services -> Time Server

Obtain time from a Network Time Server

Primary NTP Server, enter your preferred time server. I chose

You can also choose a Secondary NTP Server, but this is optional.

To allow your client computers to sync with the IPCop machine, check the

time to local network checkbox.

Select how often you want the time to be updated. I chose to do it every day.

, wait for the page to reload.

Set Time Now.

Destination port will be the same. Source port is

often different if you want to have two things which use the same port to be

IP Address of the computer on your network that you

Once finished, you should have a page similar to the image below.

may want to prevent your IPCop machine from responding to pings.

This is useful as it helps prevent hackers from finding your IP Address.

> Firewall Options.

All Interfaces.

, which only blocks pings coming from the internet.

The network time server allows you to synchronize the time on all of the computers

> Time Server.

Obtain time from a Network Time Server checkbox.

, enter your preferred time server. I chose time.nist.gov.

, but this is optional.

To allow your client computers to sync with the IPCop machine, check the Provide

Select how often you want the time to be updated. I chose to do it every day.

may want to prevent your IPCop machine from responding to pings.

, which only blocks pings coming from the internet.

Page 5: Configuring IPCop

Viewing the System Status

- You can view the status of your IPCop machine by going to

- This allows you to view various things such as the individual services, memory usage,

disk usage,

Viewing the Network Status

- To view the network status, go to

- You can view the IP Addresses of the individual interfaces, currently DHCP leases,

and various other

5

Viewing the System Status:

You can view the status of your IPCop machine by going to

This allows you to view various things such as the individual services, memory usage,

disk usage, uptime, load averages, and many other things.

Viewing the Network Status:

To view the network status, go to Status -> Network Status

You can view the IP Addresses of the individual interfaces, currently DHCP leases,

and various other statistics.

You can view the status of your IPCop machine by going to Status -> System Status.

This allows you to view various things such as the individual services, memory usage,

uptime, load averages, and many other things.

> Network Status.

You can view the IP Addresses of the individual interfaces, currently DHCP leases,

This allows you to view various things such as the individual services, memory usage,

Page 6: Configuring IPCop

Viewing the System Graphs

- To view the system graphs, go to

- The graphs let you view CPU Usage, Memory Usage, Swap File Usage, and Disk

Access.

Viewing the Traffic Graphs

- To view the traffic graphs, go to

- These graphs show you the traffic usage on each of the interfaces.

6

Viewing the System Graphs:

To view the system graphs, go to Status -> System Graphs

The graphs let you view CPU Usage, Memory Usage, Swap File Usage, and Disk

Viewing the Traffic Graphs:

To view the traffic graphs, go to Status -> Traffic Graphs

These graphs show you the traffic usage on each of the interfaces.

> System Graphs.

The graphs let you view CPU Usage, Memory Usage, Swap File Usage, and Disk

> Traffic Graphs.

These graphs show you the traffic usage on each of the interfaces.

Page 7: Configuring IPCop

Viewing the Connections on your Network

- To view the current connections on your network, go to

- This lets you filter by IP Address, status, and many other things.

7

Viewing the Connections on your Network:

To view the current connections on your network, go to

ets you filter by IP Address, status, and many other things.

To view the current connections on your network, go to Status -> Connections.

ets you filter by IP Address, status, and many other things.


Ipcop chapitre

Tai Lieu IPCop

IPCOP UrlFilter BlockOutTraffic.pdf

VPN en Ipcop

IPcop Advance Proxy

CAHIER D’ADMINISTRATION IPCOP

Tuto - IPCop

Instalación IPCop

34099125 Presentation IPCop

Pare-feu : IPCOP

Manual IPCOP

Tutorial IPCOP + UrlFilter + BlockOutTraffic IPCOPdaniel.dls.free.fr/tutorial/IPCOP UrlFilter...Tutorial IPCOP + UrlFilter + BlockOutTraffic 5/ PassWord ROOT & ADMIN Attention : les

IPCOP Install

Ipcop Admin Fr

Configuring IPCop Firewalls - Packt · Configuring IPCop Firewalls Closing Borders with Open Source How to setup, configure and manage your Linux firewall, web proxy, DHCP, DNS, time

T3 practica 2 ipcop

Tutorial IPCop Español - Introducción_Instalar

Administration IPCOP

capitulo 8 - IPCOP

installazione IPcop

IPCOP Explication

IPCOP-V2.0 Administration Manual

Ipcop Final v1.1

Ipcop - Tudo

Ipcop Updatexlrator En

IPCop Firewall

Firewall Ipcop

Firewall - IPCop

Manual Instal_config IPCOP

IPCop Management Part2

IPCOP Installation

Ice Guida Ipcop

Tutorial IPCop

Firewall Linux IPCOP

Guide IpCop