Your SlideShare is downloading. ×
0
SQUID
Squid – A HTTP 1.0 Proxy Server                                    Squid is a web based                    proxy server b...
Why Web proxy ....?    The developers of the HTTP protocol and the web    analyst envisioned that , there would be an    ...
Web Filtering using SQUID    SQUID works on content catching mechanism , by    cached content the information will be fet...
Installation of SQUID    The following command to be typed for installing    SQUIDsudo apt-get install squid    After in...
Starting the SQUID server    The following command is written to start the    server.sudo /etc/init.d/ squid start    To...
Configuration of SQUID    The configuration file can be opened by the    following commandsudo gedit /etc/squid/squid.con...
Configuration of SQUID    To add various constraints on the web browsing    through proxy server.We configure the squid.c...
Configuration of SQUID    To filter the web content and not allow the users of    the proxy server to access the web page...
Configuration of SQUID    The Regular Expression are specified in the file    named blocks.file.acl ..[Ee][Xx][Ee]$.[Aa][...
Web Page Authentication            Squid associating with ncsa_auth        program can be used to assign user        name...
NCSA Configuration    In TAG: auth_param block , we specify the    folowwing commands.       auth_param basic program /us...
What not to Expect from SQUID..?    SQUID is not a NIDS/NIPS (Network Intrusion    Detection/Prevention System).     You...
Which Section of people does squid            appeal to....?    In colleges and schools.    In Small IT industries where...
Thank YOU...!    This is not the end ........ There are other programs to    enhance network security like    1.SNORT2. ...
Upcoming SlideShare
Loading in...5
×

Squid Caching for Web Content Accerlation

1,440

Published on

Published in: Technology

Transcript of "Squid Caching for Web Content Accerlation"

  1. 1. SQUID
  2. 2. Squid – A HTTP 1.0 Proxy Server  Squid is a web based proxy server based on harvest cache demon , built in 1990`s.  A proxy server is an intermeadiate server for the clients , which seeks resources from other server (NET).
  3. 3. Why Web proxy ....? The developers of the HTTP protocol and the web analyst envisioned that , there would be an exponential growth in web content. There was a need of efficient distribution mechanism and powerfull caching primitives as well as not comprimising the security of the network. In the pursuit of developing content distribution and at the same time securing the web server , SQUID was evolved.
  4. 4. Web Filtering using SQUID SQUID works on content catching mechanism , by cached content the information will be fetched locally thus saving the bandwidth for ISP (internet service providers). SQUID filters the request from the users and fetched the desired outcome. The constraints on filtering and access permissions will be set by the network administrator . Filtering conditions is set using Regular Expressions.
  5. 5. Installation of SQUID The following command to be typed for installing SQUIDsudo apt-get install squid After installing SQUID , u will find it under directory /etc/squid The configuration file squid.conf exist under this directory , which has to be configured essential for 1. Web Filtering 2. Authentication 3. Access Permissions to users
  6. 6. Starting the SQUID server The following command is written to start the server.sudo /etc/init.d/ squid start To , ensure that the squid server is working properlynetstat -a -n | grep 3128 (3128 is default the port number).
  7. 7. Configuration of SQUID The configuration file can be opened by the following commandsudo gedit /etc/squid/squid.conf The config files is structured into tags. The essential tags are 1. TAG: auth_param 2. TAG: http_access 3. TAG: acl
  8. 8. Configuration of SQUID To add various constraints on the web browsing through proxy server.We configure the squid.conf file To allow only particular range of IP `s , we configure it in TAG: acl block. acl internal_network src 192.168.0.0/24 Then we allow the http acces to the specified internal_network in TAG: http_access block.http_access allow internal_network The user accesing web through the proxy server, they have to set the IP in the given range.
  9. 9. Configuration of SQUID To filter the web content and not allow the users of the proxy server to access the web pages , A file has to be created in the SQUID folder and the list of websites to be blocked is added . In the TAG: http_access we deny the access.http_access deny blacklist Since specifying the list of websites is a cumbersome process, the SQUID server is powered with regular expression to define a general pattern .
  10. 10. Configuration of SQUID The Regular Expression are specified in the file named blocks.file.acl ..[Ee][Xx][Ee]$.[Aa][Vv][Ii]$.[Mm][Pp][Gg]$.[Mm][Pp][Ee][Gg]$.[Mm][Pp]3$ In the TAG: http_access we deny the access. http_access deny blocks.file.acl
  11. 11. Web Page Authentication  Squid associating with ncsa_auth program can be used to assign user name and password.  To create user authentication htpasswd /etc/squid/passwd user1  To change the read file premission chmod o+r /etc/squid/passwd  You can verify it by locating it on /usr/lib/squid/ncsa_auth
  12. 12. NCSA Configuration In TAG: auth_param block , we specify the folowwing commands. auth_param basic program /usr/lib/squid/ncsa_auth /etc/squid/passwd auth_param basic children 5 auth_param basic realm Squid proxy-caching web server auth_param basic credentialsttl 1 minutes auth_param basic casesensitive off In TAG: acl acl ncsa_users proxy_auth REQUIRED http_access allow ncsa_users The above command to allow the ncpa users
  13. 13. What not to Expect from SQUID..? SQUID is not a NIDS/NIPS (Network Intrusion Detection/Prevention System). You cannot monitor live network packets. Although there are other network tools which can be associated with them.
  14. 14. Which Section of people does squid appeal to....? In colleges and schools. In Small IT industries where network security is not their prime prioriy. Other organizations where hardware firewalls like CISCO is not feasible and they look forward for a simple solution. Parental Control.
  15. 15. Thank YOU...! This is not the end ........ There are other programs to enhance network security like 1.SNORT2. BASE (Basic analysis and Security Engine)3. Honeyd Admin Interface. For further queries u can contact us mailme@himanshuarora@co.cc (Himanshu) rahul8590 @ gmail.com (Rahul)
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×