Bob Walder

Bob Walder: For those of you looking for a low cost (i.e. free) firewall solution and who have a spare, low-powered machine hanging around with a network card or two in it I can heartily recommend IPCop. You can download the source if you must, but the easiest way is to download the ISO image, burn it on a CD and boot from it – a program is included on the CD to make a boot floppy if your older PC does not support CD booting, and the installation takes you through everything you need to do to get your firewall up and running in no time.

It is based on a stripped down and hardened version of Red Hat 7.2, though still with the 2.2.x kernel, since it is based on IPCHAINS. Once it is connected to the network, most of the admin can be done via a nice Web-based interface, and you can always SSH to it or log on at the console to edit a few config files yourself if you want to add a few awkward IPCHAINS filter rules or change your Snort configuration. Yes, it even includes the Snort IDS and Squid Web cache – both disabled by default, but easily enabled and with minimal-to-zero configuration required to get them working.

Based on the Smoothwall 0.9.9 GPL product but with a much friendlier bunch of developers behind it, you should give it a look if you want a basic firewall/IDS/Web cache solution for zero outlay and minimal hassle.

I also came across this site which has a whole bunch of useful utilities on there, such as a Windows-based protocol analyser and a minimal-footprint Web server, amongst other things. [Bob Walder's Diary]

Leave a comment