User: Password:
Subscribe / Log in / New account


News and Editorials

New Linux Firewall Releases: IPCop 1.4.0 and Devil-Linux 1.2

October 20, 2004

This article was contributed by Ladislav Bodnar

Although much less glamorous than the desktop or server distributions, Linux-based firewalls have proven themselves as reliable workhorses capable of turning many an old computer into useful appliances, guarding corporate and home networks from bad elements traversing the cyberspace. Among them, IPCop Firewall and Devil-Linux are just two examples of the power behind collaborative efforts of developers across the Internet. Both projects provide simple, yet powerful products contributing to greater peace of mind in our ever more complex, inter-connected world of computers.

IPCop 1.4.0

IPCop Firewall, launched in 2001 as a fork of SmoothWall, is developed by Charles Williams and a small group of developers who found themselves disenchanted with the attitude of some of the SmoothWall developers on their support forums. Starting with the recently released version 1.4.0, IPCop is now built from ground up and based on Linux From Scratch. The developer's mission is simple: to provide a free, stable and secure Linux firewall that is highly configurable and easy to maintain. With some of the press reviews rating IPCop higher than certain expensive commercial firewall products, the IPCop developers have certainly succeeded in achieving their goal.

The size of the IPCop ISO image, at 40 MB, leaves little doubt about the specialist nature of this distribution. It offers packet filtering, VPNs, a caching web proxy, DNS, DHCP and time server, traffic shaping, and intrusion detection, but not much else. System administration is done through a web browser over the network using a secure connection. IPCop is designed to run on a dedicated box with as little as 300 MB of hard disk space and 32 MB of RAM, but it can also be installed on a compact flash card and run as a network appliance. The sophisticated web-based configuration interface provides many useful functions, including password modification and secure shell access settings, firewall and VPN configuration, and management of services. Security updates and fixes can also be installed through the web interface.

IPCop 1.4.0 is the project's first stable release in 18 months. A lot of work has gone into this version, which is now available for both i386 and Alpha processors. Hardware support has been extended considerably to include more network cards, USB and PCI DSL modems, as well as SCSI and PCMCIA hardware. ACPI and multi-processor systems are now also supported. In terms of new software, Snort has been included for intrusion detection and most packages are now compiled with the GCC Stack Smashing Protector. The web-based interface has been redesigned, offering enhanced log viewing, DHCP and host editing, as well as newly introduced system performance graphs. This version of IPCop has excellent multi-lingual capabilities, inclusive of some exotic languages, such as Hungarian and Vietnamese.

Devil-Linux 1.2

Devil-Linux started as a personal project of Heiko Zuerker in early 2001. It departed from the established ways of developing a Linux distributions in that Devil-Linux was a live CD, meant to be run directly from a bootable CD-ROM. As such, argued the lead developer, it offered more security, simply because it ran from a read-only file system. Therefore, certain common cracking techniques, such as installing a rootkit on the target machine for cracking passwords, were not available to intruders. Many users found this technique intriguing and Devil-Linux matured into a popular distribution.

The scope of Devil-Linux is a lot broader than that of IPCop. Besides the usual firewall and router software, Devil-Linux also ships with a web server (Apache 2 + MySQL + PHP), mail server with TLS support and spam and virus filtering (Postfix TLS + SpamAssassin + ClamAV), FTP server (vsftpd), and a number of other server applications. However, all services, including networking, are turned off by default. System configuration is accomplished via a ncurses-based menu. One of the most interesting features of this distribution is the ability to easily add or remove applications with the help of a Devil-Linux build kit, a well-documented procedure for customizing and building one's own live CD.

Devil-Linux 1.2 is the first major upgrade in a year. Besides kernel (2.4.27) and package version updates, there are several noteworthy security enhancements in this release - notably the Stack Smashing Protection for most binaries included on the CD, and the GRSecurity patch for the kernel, with chroot restrictions, address space modification protection, and randomization features. Additionally, Devil-Linux provides an easy way to setup chroot jails and supplies a number of Netfilter modules not found in the standard kernel.

Comments (2 posted)

Distribution News

Ubuntu 4.10 released

The final version of Ubuntu 4.10 ("Warty Warthog") has been released. "Ubuntu is a new Linux distribution that brings together the extraordinary breadth of Debian with a fast and easy install, regular releases (every six months), a tight selection of excellent packages installed by default and a commitment to security updates with 18 months of security and technical support for every release." The Ubuntu folks even offer to mail a CD to interested users for free; click below for the details.

Full Story (comments: 6)

OpenPKG 2.2 released

Version 2.2 of the OpenPKG meta-distribution is available. "Since the previous release four months ago, the OpenPKG package repository has grown by 10%. A subset of 528 packages were carefully selected for inclusion into the OpenPKG 2.2 release, including the latest versions of popular Open Source Unix software like Apache, Bash, BIND, GCC, INN, Mozilla, MySQL, OpenSSH, Perl, Postfix, PostgreSQL, Samba, Squid, teTeX and Vim."

Full Story (comments: none)

Ubuntu Traffic #7

The seventh issue of Ubuntu Traffic is out, with summaries of discussions regarding the Ubuntu distribution. Covered topics include "installer preseeding," the Ubuntu Preview live CD, and more (but no word on the controversy over the new artwork).

Comments (6 posted)

Gentoo Weekly Newsletter 18 October 2004

The Gentoo Weekly Newsletter for the week of October 18, 2004 looks at the upcoming 2004.3 release and covers several other topics.

Full Story (comments: none)

Debian GNU/Linux

Raphaël Hertzog has announced the availability of the the first French book about Debian.

The Debian Weekly News for October 19, 2004 covers Raphaël's new book, a report about using Knoppix for system recovery, the launch of the Debian GIS sub-project, the debian-legal discussion of the Academic Free License, and several other topics.

The Debian project will be present at several conferences and exhibitions in Europe, including Systems in Munich, Germany, Berlinux in Berlin, Germany, OS04 in Graz, Austria, LinuxWorld Conference & Expo in Frankfurt/Main, Germany, and more.

Comments (none posted)

DistroWatch Weekly

The DistroWatch Weekly for October 18, 2004 looks at the Anaconda installer, features the Devil-Linux live firewall and looks forward to the release of FreeBSD 5.3, hopefully next week.

Comments (none posted)

New Distributions


knopILS is a customized version of Knoppix that has an Italian boot prompt, default keyboard, and default language. Each .deb package installed belongs to the free tree of Debian GNU/Linux, or could be classified as such if it is not an official one. Localized .deb files are present when available, and minor changes were made to graphics. Version 0.7 was released this week.

Comments (none posted)


Thanks to a tip from Fred Mobach we've added XenoLinux to our List of Linux Distributions, in the special purpose category. Xen is a virtual machine monitor for x86 that supports execution of multiple guest operating systems. Xen is Open Source software, released under the terms of the GNU General Public License. XenoLinux is a fully functional port of Linux, 2.4 and 2.6, running over Xen, for a virtual general purpose Linux server.

Comments (none posted)

Minor distribution updates

Aurora Build-1.92 (Code Name Tangerine)

The Aurora Sparc Project has a full set of sparc packages that match up to Fedora Core 2, and its name is Tangerine. Click below for more information.

Full Story (comments: none)

Devil-Linux v1.2 released !

Heiko Zuerker has announced Devil-Linux v1.2. The changes include Kernel 2.4.27, many program updates, printing support, 32 MB systems are supported again, Apache HTTP Server, PHP, and many many other changes.

Full Story (comments: none)


Ewrt, a Linux distribution for the Linksys WRT54G, has released v0.2-final. "Changes: Many build fixes and nocat fixes. PMTU, cron, and check_ps have been fixed."

Comments (none posted)


Fedora Core 2 updates:

Comments (2 posted)


H3Knix, a small desktop distribution, has released v1.6. "Changes: This release adds a new init, faster startup base modifications, better performance, updated applications, a new installation disk, and easier/faster installation scripts."

Comments (none posted)


INSERT (INside SEcurity Rescue Toolkit) has released v1.2.16. "Changes: This release upgrades to kernel 2.4.27 (again with the backported NTFS drivers from the Linux-NTFS-project). A bunch of packages have been updated and a few were added. Also, a few bugs were fixed, notably the often-not- working WLAN configuration (wrong PCMCIA config)."

Comments (none posted)

Linux Live

Linux Live, a project that provides scripts for building a live CD, has released v4.2.4. "Changes: One function in liblinuxlive was fixed. It could return an incomplete list of library dependencies, resulting in a LiveCD that didn't boot. A new "installimg" script has been created in /tools/. A toram boot option has been added as a synonym for copy2ram."

Comments (none posted)


TopologiLinux has released v5.0.0. "Changes: Colinux was integrated, making it possible to run TopologiLinux from within Windows. A new grub-based boot manager was also added. The installation was rewritten and new scripts were included. The packages were upgraded to Slackware 10 with updates until 14 October 2004. Demo and full versions are now available - the demo is about 350MB and contains X, KDE, networking, and libraries, while the full version is supplied on two CDs."

Comments (none posted)

Newsletters and articles of interest

Linux wants to earn your trust (

Federal Computer Week takes a look at Trusted Linux. "TCS officials expect Trusted Linux to be certified under Common Criteria at Evaluation Assurance Level 4, [TCS COO Ed] Hammersla said. The EAL scale runs from 1 to 7, and 7 is the highest score. TCS officials plan to begin beta testing Trusted Linux this fall, Hammersla said. The operating system will form the foundation of a trusted computing base, a system of software, hardware and firmware that enforces a unified security policy."

Comments (none posted)

Distribution reviews

UserLinux Beta 1: The Precursor to the Next Enterprise Linux Distro? (LinuxPlanet)

LinuxPlanet takes the UserLinux beta for a test drive. "UserLinux is a Linux distribution with very high aspirations. Founded and backed by Linux luminary Bruce Perens, part of the UserLinux mission is to repair the economic paradigm of enterprise Linux. The recently released UserLinux Beta 1 is perhaps a tangible small step on the path toward achieving its lofty ambitions."

Comments (none posted)

Page editor: Rebecca Sobol
Next page: Development>>

Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds