Squid + havp

Fra SemarkIT
Skift til: Navigation, Søgning

Indholdsfortegnelse

How dos it work

                                        [ClamAV]
                                           ^
                                           |
                                         [havp]
                                           ^
                                           |
Internet --> [(80/443) HTTP(s)] --> [(3128) Squid3] --> [(80/443) HTTP(s)] --> Client

Install the required packages

apt-get install squid havp

Answer yes for additional software.

Squid

http://www.squid-cache.org/

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and many more protocols. It reduces bandwidth and improves response times by caching and reusing frequently-requested web pages and files. Squid has extensive access controls and makes a great server accelerator.

Proxy identification

Your proxy will be identify as No Proxy, Proxy, Anonymous or Highly Anonymous.

No proxy

In this case (the majority of internet users), http requests are sent directly from your machine to the server. There is no privacy or caching benefits.

A non-proxied system will display the following information:

REMOTE_ADDR = Your IP

HTTP_VIA = blank

HTTP_X_FORWARDED_FOR = blank

Transparent Proxy

A transparent proxy announces to the world that it’s a proxy, and passes on your information. It provides no privacy improvements (except against poorly coded sites that only look at REMOTE_ADDR and not HTTP_X_FORWARDED_FOR). It can provide a benefit by caching frequently accessed pages; many companies also use this system for filtering purposes.

A transparent proxy will display the following information:

REMOTE_ADDR = Proxy’s IP

HTTP_VIA = Proxy’s IP

HTTP_X_FORWARDED_FOR = Your IP

Anonymous Proxy

An anonymous proxy offers the caching benefits of a transparent proxy, while hiding your IP address (by replacing it with either the proxies IP, or a random address). The downside to this approach is that sites that use address detection to establish unique users (online games, voting, some logins) will not be able to distinguish you from others in your domain. Of course, that might be a bonus sometimes.

An anonymous proxy will display the following information:

REMOTE_ADDR = Proxy’s IP

HTTP_VIA = Proxy’s IP

HTTP_X_FORWARDED_FOR = Proxy’s IP, or random

Highly Anonymous (elite)

A highly anonymous (often known as an elite proxy) makes your system look the same as a non-proxied system (with the proxy servers IP address). This provides the best security; however, all the caveats of an anonymous proxy are still present. In addition, an anonymous proxy’s existance can be detected, and the server can suggest workarounds, but there’s no way to detect an elite proxy. Again, that may be your goal.

A highly anonymous proxy will display the following information:

REMOTE_ADDR = Proxy’s IP

HTTP_VIA = blank

HTTP_X_FORWARDED_FOR = blank

Configure squid

havp

http://www.server-side.de/documentation.htm

HAVP (HTTP AntiVirus proxy) is a proxy with an anti-virus filter. It does not cache or filter content. In the time of writing the complete traffic is scanned. The reason for this is the chance of malicious code in nearly every filetype e.g. HTML (JavaScript) or images.

Configure havp

Personlige værktøjer
Navnerum

Varianter
Handlinger
Navigation
Værktøjer