Hack Proofing Linux: A Guide to Open Source Security

In Chapter 9, Implementing a Firewall with Ipchains and Iptables, you learned about packet filtering. However, packet filtering is only one way to create a network perimeter. Using proxy cache services, it is possible to filter traffic in a more specific way. In this chapter, you will learn the advantages of using proxy caching on your network, and understand the differences between a packet filter and a proxy server. You will also configure a proxy caching server and a proxy client, and test and troubleshoot a proxy cache server. The proxy cache you will implement in this chapter is called the Squid Web Proxy Cache server.
A proxy server is an intermediary between hosts on different or separate networks, such as a local area network (LAN) and the Internet. It is used to implement caching for certain services, and for security and administrative control. Proxy servers can implement different functions, such as proxy caching and Network Address Translation (NAT). NAT is technically the function of a network-level gateway, but some vendors include this functionality in their proxy server products as well.
Proxy cache servers are implemented at the Application layer and process specific Internet protocols, such as Hypertext Transfer Protocol (HTTP) and File Transfer Protocol (FTP). Rules are set up on the proxy server to determine how a workstation request should be processed.
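The difference between the two kinds of rule can be seen by running the same traffic through both. The following is an added example, not code from the book or from Squid, and it does not use Squid's configuration syntax; the rule values, function names, addresses and sample requests are all constructed for illustration. A packet filter sees only addresses and ports, while an application-layer proxy parses the request and can decide on method, protocol and destination domain.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed rule set (hypothetical names and values, not Squid syntax).
LAN = ipaddress.ip_network("192.168.1.0/24")
ALLOWED_SCHEMES = {"http", "ftp"}
ALLOWED_METHODS = {"GET", "HEAD", "POST"}
BLOCKED_DOMAINS = {"blocked.example"}

def packet_filter_decision(src_ip, dst_port):
    """A packet filter decides on addresses and ports only."""
    if ipaddress.ip_address(src_ip) in LAN and dst_port in (21, 80):
        return "ACCEPT"
    return "DROP"

def domain_blocked(host):
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in BLOCKED_DOMAINS)

def proxy_decision(src_ip, request_line):
    """An application-layer proxy parses the request before deciding."""
    parts = request_line.split()
    if len(parts) != 3:
        return "DENY (malformed request)"
    method, url, _version = parts
    if ipaddress.ip_address(src_ip) not in LAN:
        return "DENY (client not on LAN)"
    if method not in ALLOWED_METHODS:
        return "DENY (method)"
    target = urlsplit(url)
    if target.scheme not in ALLOWED_SCHEMES or not target.hostname:
        return "DENY (protocol)"
    if domain_blocked(target.hostname):
        return "DENY (domain)"
    return "ALLOW"

# Constructed sample requests from one workstation, all sent to TCP port 80.
SAMPLES = [
    ("192.168.1.20", "GET http://www.example.org/index.html HTTP/1.0"),
    ("192.168.1.20", "GET http://ads.blocked.example/banner.gif HTTP/1.0"),
    ("192.168.1.20", "DELETE http://www.example.org/page HTTP/1.0"),
    ("192.168.1.20", "GET gopher://www.example.org/ HTTP/1.0"),
]

if __name__ == "__main__":
    for src, line in SAMPLES:
        print(packet_filter_decision(src, 80), "|", proxy_decision(src, line), "|", line)
```

All four sample requests look identical to the packet filter, because they share a source address and destination port; only the proxy rules tell them apart.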
One of the main tasks of a proxy server is to cache Web pages and FTP files...