Thursday, February 25, 2010

IPCop with URL Filter

Years ago setting up a Linux firewall was a nightmare. Then after many trials I discovered IPCop. It installs in 10 minutes and it is up and running! Thats almost as easy as using a firewall box that hangs on the wall. There is one catch they do not tell you about. To get it going quickly do not use the network card that is built into the motherboard, and instead use a 3 com network card and an Intel network card. That way you know what card connects to what and you do not have to fight with the drivers to get them to work. The 3 Com card will connect to the internal network via your 24 port switch or hub and the Intel card will connect to the Web via your ISP's router.

Installing IPCop
----------------
Download the ISO file and burn a CD from the ISO Image file.
Boot the 'soon to be' server from the CD you made.
Press "enter" about 5 times.
Select "Skip" to skip floppy configuration.
  (Press 'space bar' to select the item, 'tab' three times, and then 'enter'.)
Select "Probe" to find the first network card. (The 3 Com Card)
Enter an IP address of 192.168.0.1 (The IP of this Firewall)
Select "US" for the keyboard layout.
Select "EST" for Eastern Standard time.
Select "IPCop" for machine name and "workgroup" for a Domain.
  (or your companys domain)
Select "Disable" for the ISDN screen.
For Network Type select "Green and Red".
For Drivers and Cards Select "Probe" and assign the second card to "Red".
For Address Settings Select "Red", and enable "DHCP".
  (Unless you alrady have a DHCP server)
For DHCP Server Configuration - Set the IP Range to 192.168.0.10 to 192.168.0.100 and "OK"
  (This allows devices with 'fixed' IP address from 1 to 10)
Enter your password about 6 times and press "OK" to restart.

If everything went well you are up and running in 10 minutes or less!
Go to a machine on the network and from FireFox type '192.168.0.1:81'
Enter 'admin' and your password 'xxxxxx'

Some other "Services" you may want to modfy are;
Select "Services", "Intrusion Detection", Enable on Red, Enable on Green, Select "Save"
Select "Services", "Proxy Server", Enable on Green, Transparent on Green, Log Enabled, Select "Save"


URL Filter Installation
-----------------------
Download IpCop-UrlFilter, burn to a CD and put into server.
type 'mount /dev/cdrom'
type 'cd /mnt/cdrom'
type 'cp ipcop [tab] /'
type 'cd /'
type 'tar zxvf ipcop [tab]'
type 'cd ipcop [tab]'
type './install'

It runs without creating any new tabs. Look under 'services', 'urlfilter'. You will want to do a blacklist 'update now' then select 'porn' and enable logging. I won't tell you how to test it, suffice it to say play with it boy, and you should get a 'blocked' screen. The log seems to take a while to start working, but it should log every blocked site.

Monday, February 22, 2010

There are two new things now happening in the virus/spam war.

First of all Kaspersky 2010 is hanging up computers. The symptoms happen when you upgrade from Kaspersky Internet Security 2009 to Kaspersky Internet Security 2010. The next time you start the computer it takes several minutes before you can click on something and anything will happen. The solution is to uninstall Kaspersky and then reinstall Kaspersky Internet Security 2010. That has worked on every computer that has had the problem so far.

Here is an interesting thought, all the computers that have had the problem were 'old installations' that most likely have had a 'fixed' virus on them. In fact one of the installations had Windows (Virus) Vista on it, but had since been upgraded to WIndows XP. So long term the better solution would be Format C: and start over as there may be some sort of a virus/corruption that is causing the problem.

The second thing that has come to my attention is a new method in the virus attacks. When you visit an infected web site they may try over 1,000 ways to infect your computer. So though matter how hard you try to keep your computer up to date it is a hopeless case. But now they have a new attack vector, they are trying the same thing in emails! They send a spam that attacks your anti-virus as well as attacks Microsoft Outlook looking for any of several hundred vulnerabilities. This results in Outlook Restarting untill you unplug your network cable. The solution is to use web mail and delete the garbage. Also update to at least Outlook 2003 with all of the patches and updates installed as well.

Thursday, February 4, 2010

Wordpress - rounded tab corners

Firefox and Chrome recently included the ability to create rounded corners in CSS or style sheets.  After some playing around I was finally able to get it to actually work.  Google Chrome also has support for rounded corners under the name 'webkit'.  Note that the paramaters have to be different for Firefox and for Chrome.  The 4px parameter sets the size in pixels of the corners.

Here is the CSS to make it all work;

#nav li {
float: left;
list-style:none;
color:#3f3f3f;
border-top: solid white;
border-left: solid white;
}

#nav a, #nav a:visited {
display: block;
text-decoration: none;
background:#f0f0f0;
padding:5px 12px;
color:#3f3f3f;
border-top: 1px solid gray;
border-right: 1px solid gray;
border-left: 1px solid gray;
-moz-border-radius-topright:4px;
-moz-border-radius-topleft:4px;
-webkit-border-top-right-radius:4px;
-webkit-border-top-left-radius:4px;
}

Here is what the rounded corners look like in tabs.