Scribd Logo
Upload

Welcome to Scribd!

  • Configuring IPCop

    Uploaded by

    derekivey
    9K views7 pages
    A step by step tutorial explaining how to configure IPCop.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    A step by step tutorial explaining how to configure IPCop.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    9K views7 pages

    Configuring IPCop

    Uploaded by

    derekivey
    A step by step tutorial explaining how to configure IPCop.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 7

    Configuring IPCop

    This step by step guide will teach you how to configure your new IPCop machine.

    Log into IPCop:

    - Before you configure IPCop, you must login to it. There are three ways that you can
    manage IPCop.
    o Local Terminal
     You can login to the terminal while being physically at the machine.
     Login as root with the password you specified while installing IPCop.
    o Web Based Interface
     Go to http://192.168.1.1:81.. You will see a page similar to the one
    below.

     Click the Connect button. You will be prompted for a username and
    password.
     Login as admin with the admin password you specified while
    installing IPCop.
     This method is recommended because most of the settings are found
    here.
    o Secure Shell (SSH) Terminal
     After you enable SSH in the Web Based Interface (see instructions
    below), you will be able to login remotely via SSH.
     This is almost identical to the Local Terminal method.
    - The terminal methods are rarely used because they are harder to use. The Web
    Based Interface is recommended.
    reco

    1
    Enable SSH Access:
    Access

    - Once you are logged into the Web Based Interface, go to System -> SSH Access.
    - Check the checkbox titled SSH Access.
    - Also, check Allow password based authentication and Allow public key based
    authentication
    authentication.
    - Click Save.

    Changing the Admin Password:


    Password

    - Go to System -> Passwords.


    - You should see a page similar to the one below.

    - For the Admin user password box, type your new password and confirm it.
    - Click Save.

    Changing the Priority of Applications:

    - One useful feature of IPCop is its ability to do QoS (quality of service).


    - QoS allows you to give different services higher priority over other services.
    - Go to Services -> Traffic Shaping to manage the services.
    - To add a new service, Select a Priority from the drop down box, enter the Port that
    the service uses, the Protocol that it utilizes (TCP or UDP), and check the Enabled
    checkbox.
    - Click Add to add the new service.
    - To edit an existing service, find it in the Traffic shaping services box and click the
    pencil icon beside it.
    - Repeat the above steps to change it.

    2
    Enabling the DHCP Server:
    Server

    - Go to Services -> DHCP Server.


    - Check the Enabled checkbox beside Green Interface
    Interface.
    - Enter your desired start and end addresses. I used 192.168.1.100 as my start
    address and 192.168.1.130 as my end address.
    - For Primary DNS,
    DNS, enter the IP Address of your IPCop machine
    machine. If you want to change
    your DNS servers, see the instructions below.
    - Once you fill out those settings, your page should look similar to the image below.

    - Click Save to save your changes.

    Enabling Intrusion Detection:


    Detection

    - To enable Intrusion Detection, go to Services ->> Intrusion Detection


    Detection.
    - Check the checkboxes for the interfaces that you want to enable it on. I checked
    both the GREEN and RED interface for my setup.
    - In order to get the latest rules for Snort, you need to sign up on their website
    (http://www.snort.org
    http://www.snort.org) for a free account.
    - Once you have created an account and activated, login and go to their user
    preferences section. Click “Get Code”
    - Enter the code that is generated into the Oink Code textbox in IPCop.
    - For Snort rules update,
    update select the Sourcefire VRT rules for registered users radio
    button.
    - Click Save,, wait for the page to reload.
    reload
    - Click Apply now.
    now

    Port Forwarding::

    - Go to Firewall -> Port Forwarding.


    - Select the Protocol that the service you are forwarding uses (TCP or UDP)
    UDP).
    - For Source port,
    port, enter the port that you want to forward to a computer on your
    network.
    - For Destination port,
    port enter the port of the service on your computer.

    3
    - In most cases, Source port and Destination port will be the same. Source port is
    often different if you want to have two things which use the same port to be
    forwarded (for example, 2 Xboxes).
    - For Destination IP,
    IP enter the IP Address of the computer on your network that you
    want to forward the port to.
    - Check the Enabled checkbox.
    - Once finished, you should have a page similar to the image below.

    - Click Add to add the new port.


    port

    Disable Ping Response:


    Response

    - Sometimes you may want to prevent your IPCop machine from responding to pings.
    This is useful as it helps prevent hackers from finding your IP Address.
    - It silently drops ICMP packets.
    - To enable this setting, go to Firewall ->> Firewall Options
    Options.
    - You have three options: No, Only RED, or All Interfaces.
    - For my setup, I selected Only RED,, which only blocks pings coming from the internet.
    - Click Save.

    Enabling the Network Time Server:


    Server

    - The network time server allows you to synchronize the time on all of the computers
    on your network
    etwork with your IPCop machine.
    - To enable the time server, go to Services ->> Time Server
    Server.
    - Check the Obtain time from a Network Time Server checkbox.
    - For Primary NTP Server,
    Server, enter your preferred time server. I chose time.nist.gov.
    - You can also choose a Secondary NTP Server,, but this is optional.
    - To allow your client computers to sync with the IPCop machine, check the Provide
    time to local network checkbox.
    - Select how often you want the time to be updated. I chose to do it every day.
    - Click Save,, wait for the page to reload.
    - Click Set Time Now.
    Now

    4
    Viewing the System Status:
    Status

    - You can view the status of your IPCop machine by going to Status -> System Status.
    - This allows you to view various things such as the individual services, memory usage,
    disk usage, uptime, load averages, and many other things.

    Viewing the Network Status:


    Status

    - To view the network status, go to Status ->> Network Status


    Status.
    - You can view the IP Addresses of the individual interfaces, currently DHCP leases,
    and various other statistics.

    5
    Viewing the System Graphs:
    Graphs

    - To view the system graphs, go to Status ->> System Graphs


    Graphs.
    - The graphs let you view CPU Usage, Memory Usage, Swap File Usage, and Disk
    Access.

    Viewing the Traffic Graphs:


    Graphs

    - To view the traffic graphs, go to Status ->> Traffic Graphs


    Graphs.
    - These graphs show you the traffic usage on each of the interfaces.

    6
    Viewing the Connections on your Network:
    Network

    - To view the current connections on your network, go to Status -> Connections.


    - This lets
    ets you filter by IP Address, status, and many other things.

    You might also like