3.5 Installing IPFire Part 2
Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Already have an account? Sign In »
Video Transcription
00:00
>> Welcome back to the Cybrary course
00:00
in building your Infosec Lab.
00:00
I'm your host and instructor, Kevin Hernandez.
00:00
In our last video,
00:00
we identified that in order to
00:00
install IPFire within ESXi,
00:00
we needed two different physical
00:00
interfaces cards for our network.
00:00
In other words, even though pfSense allowed
00:00
our virtual port groups and
00:00
our virtual cards and switches,
00:00
IPFire was a little bit different.
00:00
That forced us to go into
00:00
its hardware compatibility list and identify
00:00
compatible products that will meet
00:00
the criteria in order for us to install IPFire.
00:00
In this video, we will start
00:00
installing IPFire and we'll also take
00:00
a small tour of the product. Now, let's get started.
00:00
Try to install IPFire.
00:00
[NOISE] IPFire, other, other.
00:00
Select Default Drive. Add both interfaces
00:00
in here. Here we go.
00:00
Let's make sure we select the drive for IPFire.
00:00
Connect. Be sure that they fold,
00:00
eight gigs, network up to two.
00:00
One CPU, everything looks good.
00:00
Let's hit "Finish" and let's go into it and hit "Play".
00:00
We have a little penguin here,
00:00
we have several options and tools,
00:00
and this is just to show you,
00:00
give or take, how to install it.
00:00
You won't be actually using IPFire itself.
00:00
Start running, pick English, start your installation.
00:00
Then you have end user license agreement.
00:00
Now, instead of
00:00
just holding down like I'm doing right now,
00:00
you sit there right on the keyboard,
00:00
you can see there's a little red dot right there.
00:00
Hit Spacebar to select,
00:00
which you can see right here in the bottom,
00:00
it says space to select,
00:00
and then hit "Okay".
00:00
It's going to ask you if you want
00:00
to format or delete all data in the drive.
00:00
In this case, it's a drive specifically for this,
00:00
so you go ahead and delete it.
00:00
I picked the first-one as default after formatting,
00:00
now let's give it a second for it to install.
00:00
Let's just hit "Reboot it" as it requires it.
00:00
Just give it another second.
00:00
Here's IPFire, it's already installed.
00:00
[NOISE] Just hit "Next",
00:00
let's give it a quick second for it to finish loading.
00:00
Let's pick US as a keyboard.
00:00
Now, let's choose a time zone,
00:00
I like GMT minus 5, we're going
00:00
>> to call it IPFire. It's okay.
00:00
>> We're going to keep it as a local
00:00
domain and let's put a password.
00:00
[NOISE] There we go.
00:00
Now, here you have a green and red connection.
00:00
Now, how does this work?
00:00
Well, let's take a quick look.
00:00
If we go to this Wiki for IPFire,
00:00
you can tell that red is for WAN
00:00
and green is for LAN. Let's go back here.
00:00
Let's go driver and card assignments.
00:00
Now, you can see they look very similar. Which is which?
00:00
Well, let's come back to here and expand these.
00:00
You can see LAN, the one that we labeled LAN,
00:00
which is so green.
00:00
Remember correctly, is LAN.
00:00
Green, LAN 46.
00:00
[NOISE] Red minor,
00:00
red and select "Done."
00:00
Now, I believe you have to set address.
00:00
Red like that.
00:00
>> For TNS we're going to use Google for now.
00:00
>> I'm sorry, little troublesome in there.
00:00
I miss an IP address on green.
00:00
Let's give it an IP address.
00:00
Let's give it 192.168.1.44.
00:00
[NOISE] Done and done.
00:00
You'll see here that obviously
00:00
I don't want to enable DHCP, just keep it on.
00:00
Again, this will not work
00:00
until we properly arrange our network,
00:00
but this basically sets up the
00:00
>> whole IPFire installation.
00:00
>> Now, let's take a quick tour of IPFire.
00:00
Now, this is IPFire.
00:00
As you can see, one of our interfaces
00:00
is up while the other one is down.
00:00
This interface that's down it's
00:00
basically the main Internet connection.
00:00
Now, let's look at
00:00
what offerings this product has for us.
00:00
If you go to System, we can see we have dial up
00:00
profiles and mail service, basically send information.
00:00
How to allow or disallow an SSH access.
00:00
Our backup menus, settings
00:00
on the graphical user interface,
00:00
and which type of theme that we would like to present.
00:00
As you can see, when
00:00
IPFire connects or disconnect it can make a noise.
00:00
Obviously, if you don't have
00:00
speakers on the system, you won't know.
00:00
But if you're using it as your main firewall,
00:00
pretty sure if it disconnects you're going to know.
00:00
[LAUGHTER] Version, you have the version.
00:00
Let's look at the vulnerabilities.
00:00
As you can see,
00:00
here you have a list of
00:00
your own system vulnerabilities
00:00
and I really appreciate this.
00:00
You can see the blues are
00:00
mitigated and the red are still mobile.
00:00
Most likely that's because
00:00
>> of the 2019 option down here.
00:00
>> You obviously can shut it down.
00:00
Here, shut down and reboot and
00:00
credit triggers the credits
00:00
for the team developing the tool.
00:00
Let's go to the next tab, status itself.
00:00
System, over here you're going to see
00:00
the system utilization, memory utilization.
00:00
Since we just brought this up,
00:00
you'll see it doesn't have a very thick long graph.
00:00
Here you have the services are on and off.
00:00
As you can see, we do have a VPN service,
00:00
we have a web proxy,
00:00
a Secure Shell, NTP intrusion prevention system.
00:00
We mentioned this during our course
00:00
that some of these next-gen firewalls have a lot
00:00
of features and intrusion prevention
00:00
and web proxy work too of these services.
00:00
How do we access these services?
00:00
For example, if you actually click in it right here,
00:00
you can see that you can enable the web proxy here,
00:00
which part you want to utilize, etc.
00:00
Here you have some little configuration,
00:00
if you are into wikis of
00:00
IPFire then you go
00:00
right here in the left side to web proxy.
00:00
You have a couple of extensions itself.
00:00
You can actually integrate this quick.
00:00
Look at the VPN real quick.
00:00
This is more for you to connect into
00:00
your network from outside.
00:00
[LAUGHTER] If you did trial, for example,
00:00
where you're at, let's say, you're in a cafe,
00:00
Starbucks or any type of cafe.
00:00
You can actually connect to
00:00
your local network and route
00:00
your traffic through here and
00:00
that way it's a little more private connection
00:00
and harder for people to
00:00
sniff your confidential information as
00:00
if you were in a public access spot.
00:00
Intrusion prevention system here.
00:00
You see it's disabled or stopped as well.
00:00
You can actually see emerging threats.
00:00
[inaudible]
00:00
There's different type of rules.
00:00
You can see you have community
00:00
>> which are obviously free.
00:00
>> You have registered and you probably
00:00
have a paid subscription as well.
00:00
Now let's go into media.
00:00
You can see here usage of your disk storage.
00:00
Here you have your next work.
00:00
Honestly, ours it isn't fully configured,
00:00
so you're not going to see too much information.
00:00
In here you have your VPN information,
00:00
your hardware, you can see it's
00:00
a temperature per day hard disk connections.
00:00
You have URL filtering.
00:00
Basically what you want to blacklist,
00:00
what you want to whitelist, etc.
00:00
Here for example, I can block ads,
00:00
I can block violence,
00:00
I can log wares, drugs and pornography.
00:00
It's like, you know what?
00:00
I want my kids to be
00:00
pretty safe and I don't mind them using Gmail.
00:00
I don't mind them being in Gmail.
00:00
Therefore everything else block except those.
00:00
Then here you can also add like,
00:00
I don't mind them watching YouTube,
00:00
but I do mind them watching Netflix and you can,
00:00
for example, block Netflix right here.
00:00
Now, here's custom expression sets.
00:00
Actually, if you have taken my Regex course,
00:00
this will be one of the places where you would
00:00
be introducing those regex.
00:00
Now, if you want to make a base on network access,
00:00
this will be where you'll be making those changes.
00:00
Let's go back to Network.
00:00
You have an accelerator,
00:00
you have a DHCP server due to DHCP in this device,
00:00
which if this is a firewall,
00:00
it will be using itself.
00:00
This has to be enabled.
00:00
Unless you're going to do this inside your switch.
00:00
You have a QOS,
00:00
Quality of Service, right here. You can start it.
00:00
Continuing the firewall,
00:00
you can do GeoIP blocks based on countries.
00:00
Let's look at IP tables.
00:00
You have a couple of IP tables configured.
00:00
Lastly, we have this IPFire tab,
00:00
which has the Pakfire configurations.
00:00
Now, obviously, like I mentioned earlier,
00:00
if you're not 100 percent sure on
00:00
some settings or you want more information,
00:00
you can always come to their Wiki.
00:00
That's wraps up our introduction to IPFire.
00:00
We're going to keep moving along to other software now.
00:00
On today's video, we basically finished installing
00:00
IPFire and solved some of its issues.
00:00
We saw its web proxies,
00:00
its IPS, VPN, etc.
00:00
Even though IPFire seem like a way capable
00:00
tool for our intentions with the Lab,
00:00
I do personally believe that pfSense at least brings
00:00
more options or these options are more
00:00
accessible and friendlier to utilize.
00:00
Not only that, pfSense also has an app market where
00:00
current and future applications and
00:00
extension could be added into the program.
00:00
Another great benefit of pfSense is its market standard.
00:00
It is highly utilized throughout
00:00
different systems and different people,
00:00
therefore having a big community supporting the product.
00:00
That's one of the benefits of being the market leader.
00:00
The other is the community support.
00:00
When you're using free tools,
00:00
community support is most
00:00
likely going to be your only type of
00:00
support for the product and any problems you encounter.
00:00
Therefore, having a big community
00:00
is to the best of your benefit.
00:00
In our next lesson, we will start installing QRadar.
00:00
This is a very tricky installation
00:00
and the smallest error you
00:00
perform will basically render
00:00
>> your installation useless,
00:00
>> which might require you to
00:00
re-install both the OS and QRadar.
00:00
Hope to see you soon. Have a great day.
Up Next
Instructed By
Similar Content
