Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Lecture 19, proxy-server based firewalls. After studying this chapter you will be able to understand: The SOCKS protocol for anonymizing proxy servers, socksifying application clients, the dante SOCKS server, Perl and Python scripts for accessing an internet server through a SOCKS proxy, squid for controlling access to web resources (and for web caching),. | Lecture 19: Proxy-Server Based Firewalls Lecture Notes on “Computer and Network Security” by Avi Kak (kak@purdue.edu) March 24, 2016 10:03pm c 2016 Avinash Kak, Purdue University Goals: • The SOCKS protocol for anonymizing proxy servers • Socksifying application clients • The Dante SOCKS server • Perl and Python scripts for accessing an internet server through a SOCKS proxy • Squid for controlling access to web resources (and for web caching) • The Harvest system for information gathering, indexing, and searching • How to construct an SSH tunnel through a web proxy CONTENTS Section Title Page 19.1 Firewalls in General (Again) 3 19.2 SOCKS 7 19.2.1 SOCKS4 versus SOCKS5 10 19.2.2 Interaction Between a SOCKS Client and a SOCKS Server 11 19.2.3 Socksifying a Client-Side Application 16 19.3 Dante as a SOCKS Proxy Server 19 19.3.1 Configuring the Dante Proxy Server 22 19.3.2 Configuring SOCKS Clients 30 19.3.3 Anonymity Check 33 19.3.4 Perl and Python Scripts for Accessing an Internet Server through a danted Proxy 34 19.4 The SQUID Proxy Server 47 19.4.1 Starting and Stopping the Squid Proxy Server 50 19.4.2 The Squid Cache Manager 55 19.4.3 Configuring the Squid Proxy Server 62 19.5 HARVEST: A System for Information Gathering and Indexing 72 19.5.1 What Does Harvest Really Do? 73 19.5.2 Harvest: Gatherer 75 19.5.3 Harvest: Broker 78 19.5.4 How to Create a Gatherer? 79 19.5.5 How to Create a Broker? 88 19.6 Constructing an SSH Tunnel Through an HTTP Proxy 93 19.7 Homework Problems 98 Computer and Network Security by Avi Kak Lecture 19 19.1: FIREWALLS IN GENERAL (AGAIN) • To expand on what was mentioned at the beginning of Lecture 18, firewalls can be designed to operate at any of the following three layers in the TCP/IP protocol stack: – the Transport Layer (example: packet filtering with iptables) – the Application Layer (example: HTTP Proxy) – the layer between the Application Layer and the .