RE: Setting up a Proxy Server..
From: Don Weber (Don@AirLink.com)Date: 10/21/01
- Previous message: Devdas Bhagat: "Re: Small office Firewall."
- In reply to: Chris Wilkes: "Re: Setting up a Proxy Server.."
- Next in thread: MURAT GÜLCİ: "Re: Setting up a Proxy Server.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Don Weber" <Don@AirLink.com> To: "Chris Wilkes" <cwilkes@ladro.com>, <security-basics@securityfocus.com> Subject: RE: Setting up a Proxy Server.. Date: Sat, 20 Oct 2001 17:35:07 -0700 Message-ID: <BAEBKBIMJFMJDDHPLBHKIEDJEBAA.Don@AirLink.com>
actually, your partly correct, what surf control does is, when it see's the
ip address x.x.x.x requesting page from site xxx, it doesn't actually block
it, it interjects, and replies to the workstation before the actual site
does, this works pretty well, and since workstation thinks it already got
the page it rejects the real one when it comes in, i may not be explaining
it quite right, but thats the idea. AND, you don't have to tell the
workstations to go thru a proxy, it is basically plug and play, without
workstation intervention, as long as you put it in the right place on the
wire where it can see all the traffic. it does work, the problem i have seen
is that sometimes a page gets thru the first time it is visited, think of
playboy . com the first time any workstation visits that page, it will
likely go thru, although any future request from any other workstation will
be intercepted, however, ususally even that first page that starts coming
thru to the workstation usually doesn't fully load it gets intercepted at
some point in the page. hope that explains it well.
Don
-----Original Message-----
From: Chris Wilkes [mailto:cwilkes@ladro.com]
Sent: Wednesday, October 17, 2001 10:05 AM
To: security-basics@securityfocus.com
Subject: Re: Setting up a Proxy Server..
On Tue, 16 Oct 2001, Oswald wrote:
> Hi! We have one Windows 2000 server and 30 Windows 98 client machines
> connected directly to a switch. We connect to the net using a D-Link DI
300
> ISDN Router which also serves as NAT. We are connected to the net using a
> 64 Kbps dial-up ISDN connection.
>
> We are planning to implement SurfControl in our office to monitor the web
> usage of our employees. Since the internet requests from all the machines
> goes directly via the switch to the router, this software is not able to
> track any requests.
>
> Would be thankful if somebody can help me understand setting up a proxy
> server in this network setup.
>From this page
http://www.surfcontrol.com/products/superscout_for_business/super_scout/pass
.html
it looks like SurfControl just sits there and sniffs the network for
traffic going by and reports on it. Somewhat nifty actually.
You'll need to get their "SuperScout for Microsoft Proxy Server" to do the
proxying bit you will actually need to block requests by your users. The
pass-by one can't actually block anything.
With a proxy server you'll then have each client go through it to get out
to the internet. Its a setting called "Proxy server" for the browsers.
However to get this to fully work you'll also have to get a firewall that
you control and tell it to drop all outbound HTTP (port 80) requests.
Otherwise the users can just ignore going through the proxy. I don't know
if the D-Link router can do that, it might be able to.
Chris
- Previous message: Devdas Bhagat: "Re: Small office Firewall."
- In reply to: Chris Wilkes: "Re: Setting up a Proxy Server.."
- Next in thread: MURAT GÜLCİ: "Re: Setting up a Proxy Server.."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
