Security considerations with Squid proxy server
ثبت نشده
چکیده
Securing and controlling workstation access to the web has never been an easy task for security professionals. Firewalls and access control list on routers alone may not bring an acceptable level of security for your organization. Even if their primary role is to reduce network traffic and improve performance, HTTP proxy servers (also called cache servers) are likely to be installed as an additional security layer and as a web surfing monitoring system. Having secure proxy servers is critical because many users depend ...
منابع مشابه
On Performance of Caching Proxies
This paper presents a performance study of the state-of-the-art caching proxy called Squid. We instrumented Squid to measure per request network and disk activities and conducted a series of experiments on large Web caches. We have discovered many interesting and consistent patterns across a wide variety of environments. Our data and analysis are essential for understanding, modeling, benchmark...
متن کاملRfc 6872 Sip Clf
Well-known web servers such as Apache and web proxies like Squid support event logging using a common log format. The logs produced using these de facto standard formats are invaluable to system administrators for troubleshooting a server and tool writers to craft tools that mine the log files and produce reports and trends. Furthermore, these log files can also be used to train anomaly detecti...
متن کاملDevelopment and Evaluation of a Secure Web Gateway Using Existing ICAP Open Source Tools
This work in progress paper discusses the development and evaluation of an open source secure web gateway. The proof of concept system uses a combination of open source software (including the Greasyspoon ICAP Server, Squid HTTP proxy, and Clam Antivirus) to perform the various security tasks that range from simple (such as passive content insertion) to more advanced (such as active content alt...
متن کاملEnforcing direct communications between clients and Web servers to improve proxy performance and security
The amount of dynamic Web contents and secured e-commerce transactions has been dramatically increasing on the Internet, where proxy servers between clients and Web servers are commonly used for the purpose of sharing commonly accessed data and reducing Internet traffic. A significant and unnecessary Web access delay is caused by the overhead in proxy servers to process two types of accesses, n...
متن کاملDenial of Service via Algorithmic Complexity Attacks
We present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications’ data structures. Frequently used data structures have “average-case” expected running time that’s far more efficient than the worst case. For example, both binary trees and hash tables can degenerate to linked lists with carefully chosen input. We show how an atta...
متن کامل