General discussion

Locked

IPCop and Copfilter

By escheitz ·
With all the growing threats in cyberspace, and with me taking the technical/security responsibility for a small CPA (Certified Public Accounting) firm, I was looking for a way to help harden the perimeter, and a way to offer some redundant scanning of web traffic. Previously I had a linksys BEFSR41 router at the gateway of a peer-to-peer network and had Symantec NIS 2005 installed on all the 6-7 PCs, along with other basic Windows XP security practices. I did some research and am evaluating IPCop and the Copfilter. The features I like are the proxying (squid), DNS proxying, and IDS (snort), and strong firewall of IPCop. The Copfilter adds the http scanning with HAVP (Http Anti Virus Proxy) which uses the Clamav virus library, and Privoxy to filter other internet junk. I just setup IPCop with the Copfilter add-on at home, and it seems to be running well, although the HAVP does have a little hit on bandwidth, (I think around 150-200 Kbps). Sooner or later, I am going to attempt to set that up behind the IPCop/Copfilter gateway to offer some telecommuting possibilities. Does anybody have any experience with IPCop, and or Copfilter, that could give any comments or suggestions or am I going down a dark deep tunnel? Sorry for the lengthy post.

This conversation is currently closed to new comments.

6 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

by escheitz In reply to IPCop and Copfilter

Point value changed by question poster.

Collapse -

by roblesj428 In reply to IPCop and Copfilter

You forgot to mention what hardware are you running it in. I have a dual core Pentium processor with 4GB of RAM and 1 TB HD, with 4 1000 Mbps NICs. Manually configured NIC to run at 1000, and it flies. What takes a few minutes is the loading of bigblabklist, which is about 20MB of urls. Hope ths helps, look at your hardware!

Collapse -

by escheitz In reply to

I also have another related question, I'm not sure if it should go in a post by itself but...

"From a security point of view, adding filters, Virus scanners and proxies to the firewall will highly reduce the firewall's overall security." I think I understand the basis for this reasoning, so does it make sense to put the IPCop & Copfilter behind my current router (Linksys BEFSR41), since it is a simpler device potentially subject to less problems/complications on the frontline. I only use the Green/Red interfaces in IPCop, but I like the traffic filtering features of Copfilter, and ultimately want to implement a VPN feature in IPCop. So basically where is the best position to put a NAT router in a network setup with IPCop/Copfilter/VPN?

Collapse -

by escheitz In reply to IPCop and Copfilter

450 mhz PIII, 256 MB RAM, 10gig HD is my hardware specs.

Collapse -

by escheitz In reply to IPCop and Copfilter

Point value changed by question poster.

Collapse -

IPCop and Copfilter is really nice.

by georgeou In reply to IPCop and Copfilter

Ah, I would have answered this if I had seen it
As someone else mentioned, IPCop and Copfilter is the FREE solution (free as in software). A friend of mine is running it and he raves about it. The challenge is getting a box that's low-power and silent running. I've searched far and wide and I've come to three possible solutions.

Build a dirt cheap desktop or use an old desktop PC. This is the worst option IMO since it's big and bulky and noisy. It is possible to make it silent but it still uses around 60 watts. While that ain't bad, it's still less than ideal. Cost is around $150.

Buy a fan less 800 MHz PC with 256 MBs of RAM. This is precisely what Justin James did and he will be writing a review with IPCop and Copfilter. Price was $225 + $30 shipping plus $60 for a 2.5" hard drive. This is a little more than $300 but it's dead silent and small.

Last option which is what I'm personally leaning toward is to use a virtual computer. I'm going to be building a Media Center PC doubling as a gigabit file server. Then I'm going to run the free VMware or free Microsoft Virtual server and run a virtual instance of IPCop plus Copfilter. Price for the hardware is free since you need the hardware for the Media Center and the Gigabit file server anyways.

Back to Security Forum
6 total posts (Page 1 of 1)  

Related Discussions

Related Forums