1 / 31

CONFIGURING A PROXY SERVER IN LINUX

CONFIGURING A PROXY SERVER IN LINUX. BY ROHIT KAUL CS , BITS-PILANI. PRESENTATION LAYOUT. Brief introduction to LINUX What is a proxy??? Its Uses and Need??? Security aspects and Web Caching Connecting a PC to LAN Introduction and Configuration of Squid

dutch
Télécharger la présentation

CONFIGURING A PROXY SERVER IN LINUX

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. CONFIGURING A PROXY SERVER IN LINUX BY ROHIT KAUL CS , BITS-PILANI

  2. PRESENTATION LAYOUT • Brief introduction to LINUX • What is a proxy??? • Its Uses and Need??? • Security aspects and Web Caching • Connecting a PC to LAN • Introduction and Configuration of Squid • Configuration of clients’ Browser • Conclusions

  3. Introduction to Linux • Linux – a phenomenon? • Linux has provided a common platform for the Free software that was being created all over the world…. • Linus Torvalds, 1991 , University of Helsinki • GPL (General Public License) • Distributions in market Red Hat , Debian etc • WHY LINUX ????

  4. What is a Proxy Server ?? • Intermediary server between clients and the actual server • Proxy processes request • Proxy processes response • Receives the client request • Decides if request will go on to the server • May have cache & may respond from cache • Acts as the client with respect to the server • Uses one of it’s own IP addresses to get page from server

  5. Uses of Proxy-Server • Enhancing Security not individual security concerns, saves resources, money etc • Caching faster web surfing • Firewall • Filtering Contents

  6. www.jstor.org User IP: 1.2.3.4 A normal web transaction Security……How Do I Care???

  7. proxy.inst.edu IP: 2.3.4.5 www.jstor.org User IP: 1.2.3.4 Transaction through a proxy More secure…. Add firewall…packet filter; block access to sites

  8. proxy.inst.edu IP: 2.3.4.5 www.jstor.org User IP: 1.2.3.4 Caching –Proxy (Cache MISS!!) Cache MISS

  9. proxy.inst.edu IP: 2.3.4.5 www.jstor.org User IP: 1.2.3.4 Caching –Proxy ( cache HIT) Cache HIT Improves speed of surfing

  10. Proxy In Linux… • Installation • Connecting Linux PC to LAN • Configuring proxy module/application • Configuring prospective clients’ browsers • INSTALLATION easy!!!

  11. Connecting Linux PC to LAN • Red Hat menu , System Settings  Network • ( or type “neat” as root ) • Network configuration window appears • Devices tab  eth0 interface ( double-click) • A pop-up window appears asking for: • DHCP / Static Addressing • Choose Static….and fill in IP Address, Netmask, Default Gateway Address. click OK , close the window and click ACTIVATE

  12. Default Gateway ??? • Like routers…

  13. Configuring DNS information • DNS ??? • Click DNS tab in network configuration window.. • Enter primary and secondary DNS nameservers ….in case local DNS is configured enter the address as primary DNS • Click APPLY button at the bottom • Click CLOSE , and ACTIVATE

  14. Configuring SQUID • Squid???? • it is a proxy – caching server which runs on *nix based platforms. Why Squid? apart from others.. • Available free of cost , open-source • Features content-filtering and password authentication for users using external programs

  15. Installation of squid • From RPM packages… • Use Package Manager and install from CD • From Source • Unzip in some temporary directory • Move to it…and run./config • Run make make install make clean • Similar to WINZIP

  16. Squid.conf file • Open in any standard editorvi/vim emacs • Lots of options, anybody with basic knowledge of proxy and networking can configure it. • http port default 3128 • Cache_mem default 8MB • Cache_dir directory subdirectory subsub directories /var/squid/cache

  17. Restricting Internet Access • ACLs ( access control Lists ) • Acl acl_nameacl_typedata • Acl node scr 10.10.7.239 • Acl node2 scr 10.10.7.72 • Acl lunchtime time M 13:00-14:00 • http_access deny node lunctime • http_access deny node

  18. Starting squid squid start /etc/init.d squid start / restart • Stopping squid Squid stop /etc/init.d squid stop

  19. Dummy interface?? • What is dummy interface??? • eth0 eth1 • eth0 eth0:0 • Interface at startup • .bashrc file

  20. Configuring Internet Explorer

  21. Click Start, Programs, Internet Explorer

  22. Click Tools, Internet Options

  23. Click Connections

  24. Select Your Connection For LAN connection (within RRL) For Dial-UP Connection (from Home)

  25. LAN connections ONLY Click LAN Settings

  26. Select Use a proxy server for this connection.In Address box, type 10.10.7.245 & in Port box 8080Select Bypass proxy server for local addresses

  27. Select Use the same proxy server for all protocols. Type *.ou.ac.lk; 192.248.73.* in Do not use proxy server for addresses beginning with box

  28. Click OK. • Click OK. • Click OK. Similarly one can configure graphical browsers like MOZILLA or OPERA

  29. Conclusions • In an era where even a single click of mouse is potent enough to cause a full fledged attack , installing proxies and other security modules is no more a luxury that every system administrator enjoys… • Its a necessity….

  30. Thank you

More Related