Upload
dutch
View
73
Download
6
Embed Size (px)
DESCRIPTION
CONFIGURING A PROXY SERVER IN LINUX. BY ROHIT KAUL CS , BITS-PILANI. PRESENTATION LAYOUT. Brief introduction to LINUX What is a proxy??? Its Uses and Need??? Security aspects and Web Caching Connecting a PC to LAN Introduction and Configuration of Squid - PowerPoint PPT Presentation
Citation preview
CONFIGURING A PROXY SERVER IN LINUXBYROHIT KAUL CS , BITS-PILANI
PRESENTATION LAYOUTBrief introduction to LINUXWhat is a proxy???Its Uses and Need???Security aspects and Web Caching Connecting a PC to LANIntroduction and Configuration of SquidConfiguration of clients BrowserConclusions
Introduction to LinuxLinux a phenomenon?Linux has provided a common platform for the Free software that was being created all over the world.Linus Torvalds, 1991 , University of HelsinkiGPL (General Public License)Distributions in market Red Hat , Debian etcWHY LINUX ????
What is a Proxy Server ??Intermediary server between clients and the actual serverProxy processes requestProxy processes responseReceives the client requestDecides if request will go on to the serverMay have cache & may respond from cacheActs as the client with respect to the serverUses one of its own IP addresses to get page from server
Uses of Proxy-ServerEnhancing Security not individual security concerns, saves resources, money etc
Caching faster web surfing
FirewallFiltering Contents
A normal web transaction
SecurityHow Do I Care???
Transaction through a proxyMore secure.Add firewallpacket filter; block access to sites
Caching Proxy (Cache MISS!!)Cache MISS
Caching Proxy ( cache HIT)Cache HITImproves speed of surfing
Proxy In LinuxInstallationConnecting Linux PC to LANConfiguring proxy module/applicationConfiguring prospective clients browsers
INSTALLATION easy!!!
Connecting Linux PC to LANRed Hat menu , System Settings Network( or type neat as root )Network configuration window appearsDevices tab eth0 interface ( double-click)A pop-up window appears asking for:DHCP / Static AddressingChoose Static.and fill inIP Address, Netmask, Default Gateway Address. click OK , close the window and click ACTIVATE
Default Gateway ???Like routers
Configuring DNS informationDNS ???Click DNS tab in network configuration window..Enter primary and secondary DNS nameservers .in case local DNS is configured enter the address as primary DNSClick APPLY button at the bottomClick CLOSE , and ACTIVATE
Configuring SQUIDSquid????it is a proxy caching server which runs on *nix based platforms.Why Squid?apart from others..Available free of cost , open-sourceFeatures content-filtering and password authentication for users using external programs
Installation of squid
From RPM packagesUse Package Manager and install from CDFrom SourceUnzip in some temporary directoryMove to itand run ./configRun make make install make cleanSimilar to WINZIP
Squid.conf fileOpen in any standard editor vi/vim emacsLots of options, anybody with basic knowledge of proxy and networking can configure it.http port default 3128 Cache_mem default 8MBCache_dir directory subdirectory subsub directories /var/squid/cache
Restricting Internet AccessACLs ( access control Lists )Acl acl_name acl_type dataAcl node scr 10.10.7.239Acl node2 scr 10.10.7.72Acl lunchtime time M 13:00-14:00http_access deny node lunctimehttp_access deny node
Starting squid squid start /etc/init.d squid start / restart Stopping squidSquid stop /etc/init.d squid stop
Dummy interface??What is dummy interface???eth0 eth1eth0 eth0:0
Interface at startup.bashrc file
Configuring Internet Explorer
Click Start, Programs, Internet Explorer
Click Tools, Internet Options
Click Connections
Select Your ConnectionFor LAN connection (within RRL)
For Dial-UP Connection (from Home)
Click LAN SettingsLAN connections ONLY
Select Use a proxy server for this connection.In Address box, type 10.10.7.245 & in Port box 8080Select Bypass proxy server for local addresses
Select Use the same proxy server for all protocols.Type *.ou.ac.lk; 192.248.73.* in Do not use proxy server for addresses beginning with box
Click OK.Click OK.Click OK.Similarly one can configure graphical browsers like MOZILLA or OPERA
Conclusions
In an era where even a single click of mouse is potent enough to cause a full fledged attack , installing proxies and other security modules is no more a luxury that every system administrator enjoysIts a necessity.