RE: [squid-users] squid as a proxy from Peter Kassies on 2001-06-06 (squid-users)

From: Peter Kassies <p.kassies@dont-contact.us>
Date: Wed, 6 Jun 2001 15:39:48 +0200

Kelly,

You have most of what you need:

- configure the explorer part in windows pc systems to point to the
proxyserver for http/https and ftp

- install linux, close all unused ports in /etc/inetd.conf and all the other
security actions. These actions depend on your system, search for security
faq's on your OS. There should be plenty documents.

- install squid on your linux machine

- optional (install user authentication with squid, I use the NSCA
authentication scheme. With some tools you can analyse the logs and pick out
the top talkers, people abusing your network by downloading massive amounts
of mp3's etc)

- point the /etc/resolv.conf on your proxy to a dns on the internet

- point the default gateway from the proxy to the ipadres of the router on
your network.

As for more security, a firewall helps to prevent your system being attacked
on open ports.
But if all ports are closed, there is'nt much to attack, so you might not
need a firewall.

The network could be setup as follows:

        internet
                |
        router
                |
        proxy server
                |
        LAN with endusers

This requires the proxy server to have two interface cards.

For future growth of your system might require the following network layout:

        internet
                |
        router
                | (dmz)
        firewall ------------------proxyserver
                | |
                | ---------mailserver
                | |
                | ---------webserver
                |
        LAN with endusers

Peter

> -----Oorspronkelijk bericht-----
> Van: Kelly Watts at Ring's End (ICQ 92802550) [mailto:rkwatts@ntplx.net]
> Verzonden: Wednesday, June 06, 2001 2:54 PM
> Aan: squid-users@squid-cache.org
> Onderwerp: [squid-users] squid as a proxy
>
>
> I am currently using Winproxy for dialup internet access for about 50
> Windoze pc's. I am getting frame connection and a Cisco 1720
> router. I am
> thinking of using a Linux machine and squid as a dedicated Proxy
> server and
> I also need a firewall. I have unix experience. I need this to be solid
> and secure. I am willing to spend money to buy what I need to
> minimize the
> work I have to do. Any thoughts??? Thanks to all
>
Received on Wed Jun 06 2001 - 07:39:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:00:30 MST