Jonas Lippuner. Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation.

Slides:

Advertisements

Similar presentations

SMC2804WBRP-G Barricade™ g 2.4GHz 54Mbps Wireless Cable/DSL Broadband Router with USB Print Server SMC2804WBRP-G

Advertisements

300Mbps n Wireless Gigabit Router

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Firewall Configuration Strategies

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

Security Awareness Chapter 5 Wireless Network Security.

Introduction to Fortinet Unified Threat Management

Controlling access with packet filters and firewalls.

Hardware Firewalls: Advanced Feature © N. Ganesan, Ph.D.

Wi-Fi Structures.

Chapter 8: Configuring Network Connectivity. Installing Network Adapters Network adapter cards connect a computer to a network. Installation –Plug and.

Hands-On Microsoft Windows Server 2003 Networking Chapter 1 Windows Server 2003 Networking Overview.

Improving Security. Networking Terms Node –Any device on a network Protocol –Communication standards Host –A node on a network Workstation 1.A PC 2.A.

Firewall 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

M2M Gateway Features Jari Lahti, CTO

1 Configuring Linksys Wireless Router Prof. Valencia Community College.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

802.11n Wireless Broadband Router

TEW-691GR Training TEW-691GR Training TEW-691GR 450Mbps Wireless N Gigabit Router.

Technical Training: DIR-615

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 10 – Implementing the Cisco Adaptive Security.

Course 201 – Administration, Content Inspection and SSL VPN

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Virtual Company Group 8 Presentation Date: June /04/2017

1 Chapter Overview Network devices. Hubs Broadcast For star topology Same as a repeater Operate at the physical layer 2.

EAGLE EAGLE - Functionalities Modular Ports : WAN PortSecured Port Twisted PairTwiited PairFX Multi Mode FX Single Mode FX Long Haul 1 RS232 Serial Port.

1/28/2010 Network Plus Security Review Identify and Describe Security Risks People –Phishing –Passwords Transmissions –Man in middle –Packet sniffing.

CHAPTER 2 PCs on the Internet Suraya Alias. The TCP/IP Suite of Protocols Internet applications – client/server applications The client requested data.

Connecting to Network. ♦ Overview ► A network connection is required to communicate with other computers when they are in a network. Network interface.

Jamel Callands Austin Chaet Carson Gallimore.  Downloading  Recommended Specifications  Features  Reporting and Monitoring  Questions.

70-411: Administering Windows Server 2012

Objectives Configure routing in Windows Server 2008 Configure Routing and Remote Access Services in Windows Server 2008 Network Address Translation 1.

1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.

1 Chapter Overview Using the New Connection Wizard to configure network and Internet connections Using the New Connection Wizard to configure outbound.

DSL-2544N Dual Band Wireless N600 Gigabit ADSL2+ Modem Router

Wireless Networks and the NetSentron By: Darren Critchley.

Module 2: Installing and Maintaining ISA Server. Overview Installing ISA Server 2004 Choosing ISA Server Clients Installing and Configuring Firewall Clients.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

1 Installing and Maintaining ISA Server Planning an ISA Server Deployment Understand the current network infrastructure. Review company security.

Networking in Linux. ♦ Introduction A computer network is defined as a number of systems that are connected to each other and exchange information across.

Switch Features Most enterprise-capable switches have a number of features that make the switch attractive for large organizations. The following is a.

Network Security Part III: Security Appliances Firewalls.

DHP Agenda: How to Access Web Interface of the DHP-1320 on Access Point Mode How to Access Web Interface of the DHP-1320 on Router Mode How to Change.

Security fundamentals Topic 10 Securing the network perimeter.

Module 10: Windows Firewall and Caching Fundamentals.

Firewall Matthew Prestifilippo, Bill Kazmierski, Pat Sparrow.

1 Syllabus at a glance – CMCN 6103 Introduction Introduction to Networking Network Fundamentals Number Systems Ethernet IP Addressing Subnetting ARP DNS.

© 2004, Cisco Systems, Inc. All rights reserved. CSPFA 3.2—16-1 Lesson 16 Easy VPN Remote—Small Office/Home Office.

SMOOTHWALL FIREWALL By Nitheish Kumarr. INTRODUCTION  Smooth wall Express is a Linux based firewall produced by the Smooth wall Open Source Project Team.

Windows Vista Configuration MCTS : Advanced Networking.

INTRODUCTION WIRELESS GATEWAY.  A device that allows a computer and other Internet-enabled devices to access the Internet connection.  Functioned as.

 Two wireless gateways for home use that I choose are : - Linksys Wireless-G ADSL Home Gateway WAG354G - WAG160N Wireless-N ADSL2+ Gateway  The wireless.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Linux Firewalls By Shane Lofgren. Definition from wikipedia.org: A firewall is a security device which is configured to permit, deny or proxy data connections.

Security fundamentals

Top 5 Open Source Firewall Software for Linux User

Working at a Small-to-Medium Business or ISP – Chapter 8

CONNECTING TO THE INTERNET

Securing the Network Perimeter with ISA 2004

Firewalls Routers, Switches, Hubs VPNs

AbbottLink™ - IP Address Overview

Chapter 10: Advanced Cisco Adaptive Security Appliance

Introduction to Network Security

Presentation transcript:

Jonas Lippuner

Overview IPCop  Introduction  Network Structure  Services  Addons Installing IPCop on a SD card  Hardware  Installation

Introduction Linux firewall distribution the bad packets stop here SOHO users current with kernel 2.4 version 2.0 under development

Network Structure up to 4 physically separated networks RED: untrusted network, i.e. Internet GREEN: protected (local) network BLUE: optional network for wireless devices ORANGE: optional network for public servers (DMZ)

Network Structure

IPCopREDGREENBLUEORANGE RED closed EA closed PF, VPN closed PF, VPN closed PF GREEN open BLUE closed BA closed BA closed DP, VPN closed BA ORANGE closedopen closed DP closed DP EA: External Access BA: Blue Access PF: Port Forwarding DP: DMZ Pinholes VPN: Virtual Private Network

Access Control External Access  allow access to IPCop from RED Port Forwarding  forward specific ports from RED to specific addresses in GREEN, BLUE or ORANGE Blue Access  list of trusted IP and/or MAC addresses in BLUE DMZ Pinholes  like port forwarding, but from ORANGE or BLUE to GREEN or BLUE

Connecting to the Internet Static IP DHCP, e.g. from a cable modem or DSL router PPPoE, e.g. over an DSL router configured as “bridge” PPTP USB modem ISDN card

Configuration easy-to-use web interface SSH access can be enabled  password based authentication  public key based authentication updates can be downloaded and installed through the web interface

Services Web proxy (squid)  for GREEN and BLUE  can be transparent for port 80 DHCP server  for GREEN and BLUE  fixed and dynamic leases Dynamic DNS  updates RED IP to a dynamic DNS service

Services Host Names  host names can be assigned to IP addresses Time Server  IPCop retrieves time from public NTP servers and acts as NTP server for local network Traffic Shaping  assign priorities to traffic on different ports

Services Intrusion Detection System (Snort)  on GREEN, BLUE, ORANGE and/or RED  analyses packets for known signatures of malicious activity  passive protection, must be monitored by user  requires a lot of memory

Services VPN (IPSec)  access to GREEN and BLUE from RED and BLUE  secure and encrypted connection through an untrusted network  Net-to-net, Host-to-net (road warrior)  Authentication through pre-shared key or digital certificates

Addons new features and capabilities unofficial more than 120 addons

Addons Advanced Proxy  extends the configuration options  adds user management BlockOutTraffic (BOT)  block access to RED by default and allow only according user-defined rules

Addons Copfilter  scans and web traffic for viruses and spam URL filter  blocks specific domains, URLs and/or files  includes time based access control WLAN-AP  turns IPCop into a wireless access point

Hardware Requirements minimal 32 MB RAM (more required for advanced features like IDS) 128 MB SD card is enough (more space required for extensive logging) Network adapters (number depends on network configuration)

Motherboard

Mini-ITX embedded CPU (533 MHz) 128 MB RAM integrated graphics chip 2x USB v1.1 ports 1x network adapter (10/100 Mbps) 1x PCI slot fanless

Power Supply

SD to IDE Adapter

Enclosure

designed for Mini-ITX and PicoPSU up to two 2.5” drives 2x hidden USB ports wireless antenna hole no space for PCI card fanless

Network Card

Putting It Together