Security :: Encrypting All Traffic By Squid

Jun 24, 2010

We use a squid proxy server for all http traffic. Is there any way to configure squid so that all traffic which squid and workstation communicates is SSL and encrypted ?

View 2 Replies


ADVERTISEMENT

Ubuntu Security :: Encrypting My Server ?

Oct 29, 2010

I have an Ubuntu 10.04.1 LTS server that I set up a while back and I am considering encrypting the whole box. I store everything on the server and if it were stolen from a home robbery it could be quite devastating. The server is using two 750 GB SATA hard drives formatted with LVM. Inside the LVM I have a small partition on the first drive for the OS, SWAP, and everything else on the first and second drive is /var/media which is where I store all the data. I have set up an encrypted LVM on my laptop but that was during the install using the automatic method.

I can't figure out how to do what I want to do and I don't want to risk destroying the data on the server. What I would like is to non-destructively encrypt the server (System, SWAP, and DATA partitions) similar to how TrueCrypt works on Windows and I'd like the encryption key to be stored on a USB thumb drive so when the server boots it requires a hardware key. (And have the encryption key backed up online in case the flash drive dies.) And I'd like to use AES 256.

Code:

View 1 Replies View Related

Fedora Security :: Encrypting Emails In The Thunderbird?

Jun 17, 2009

i have recently installed thunderbird on my fedora 11 box and so far so good. i am interested in encrypting my emails and digitally signing them as well. does anyone have documentation as to how i can do this? i messed around with it last night but i was not able to import a valid certificate.

View 14 Replies View Related

Fedora Security :: Encrypting A Hard Drive In 12 ?

Dec 12, 2009

I'm installing fedora 12 on a laptop using the live cd, and I have a few questions about the encryption process.

First, I'd like to fill the drive with random data. I've read the fedora documentation and it suggests using the following command: dd if=/dev/urandom of=<device>. The installer didn't offer an opportunity to do this, so I opened a terminal and typed the command. I expected it to take hours on my 160 gig hard drive, but it only took about 3 minutes, and indicated about 600 megs of data had been written. Did I do it correctly? According to palimpsest, my boot partition is sda1 and the other partition is sda2, so that's the one ran the command with.

Second, I need some advice on what to encrypt. The installer shows me the following layout after I select encryption:

LVM Volume Groups

Hard Drives

I know I can't encrypt boot, but I can encrypt lv_root and lv_swap. But is it necessary to do that? And tell me the pros and cons of using a boot loader password?

View 1 Replies View Related

Ubuntu Security :: Encrypting A NAS Via A Samba Share?

Jun 10, 2010

why the following doesn't work with ext3 or 4?

dd if=/dev/urandom of=/tmp/container.bin bs=1024 count=20000
sudo losetup /dev/loop2 /tmp/container.bin
sudo cryptsetup -c aes -s 256 --verify-passphrase luksFormat /dev/loop2[code].........

View 1 Replies View Related

Security :: Is It Worth Encrypting Hard Drive?

Oct 21, 2010

I encrypted my hard drive on my media PC but it's really annoying having to type in a password every time I turn it on. I chose a short password so it was quick and easy to type in but is it worth encrypting data with a weak password?If the computer is suspended, someone could come along and resume the computer. They would be presented with a locked GNOME session) but the data would be unencrypted; does this go against encrypting the hard drive? Or does the locked GNOME session provide enough security to keep an intruder out?

View 9 Replies View Related

Ubuntu Security :: Easiest Program To Use For Encrypting External HD

Mar 6, 2010

I currently have my home folder encrypted with 128 bit encfs but i have the back up of that 'in the clear' on my back up hard drive. I am not that great with complicated instructions and especially the terminal so what if any is the easiest program to encrypt with?

View 9 Replies View Related

Ubuntu Security :: Encrypting Content With A Password Only - No Keys

Jun 1, 2010

What is the easiest way to encrypt plain text content with a password only? I need to encrypt client login information, but I hate dealing with all the unnecessary complexities of Linux's encryption systems.

I know I am going to get a bunch of people telling me how perfect Seahorse and whatever is, but Seahorse and the default /home directly encryption have both given me too many problems when decrypting my information. I prefer to preserve my data rather than using these methods.

View 9 Replies View Related

Ubuntu Security :: Encrypting / Home Partition Without Reinstalling?

Jun 12, 2011

I have Kubuntu 11.04 64-bit installed (software upgrade from 10.10) and I have a separate /home partition. I want to encrypt my /home partition (and perhaps the swap partition as well) but I don't want to have to reinstall Kubuntu. (Mostly because it was a software upgrade and I don't have an 11.04 disc.) I found a tutorial for Encryptfs via one of the stickies that mentions post-install migration, but it says that using Encryptfs on a separate /home partition is more complicated than if it were part of the root partition and that the CDs don't have any software to preserve and configure existing encrypted /home partitions. (Granted this tutorial is made for 9.04, so things may have changed.)

Also, this tutorial makes it sound like if you have your /home directory encrypted that the encrypted data is stored in a folder on the root partition. Is it done the same way if the /home directory is on its own partition? Because I don't think my root partition is large enough to have all of my /home data. (I purposely kept it small because the root partition doesn't seem to get very large.)

View 9 Replies View Related

Fedora Security :: Encrypting The Swap Partition While /dev/path Constantly Changes?

Aug 10, 2011

I would like to encrypt my swap partition ...During installation, I tried to select the "encrypt partition" choice, but it needed a passphrase.After installation, I tried to encrypt my partition ... I followed this article: The problem is that my swap partition always changes its path ...When I first booted the system, it was /dev/sda10, next it became /dev/sdc10, now it is /dev/sdb10. This is probably the reason why in fstab all entries are according to UUID.However, the swap partition is not fond of UUIDs ! I tried to mkswap /dev/<current swap partition> -L Swap, I received a UUID, puted it in /etc/crypttab ... it worked for the first time ... but the second time... did not.

View 14 Replies View Related

Server :: Squid Traffic Transferred For Monitoring Purposes?

Apr 13, 2010

I want to know that squid in 5 min ago and 1 hour ago how much traffic transferred for monitoring purposes?? where can I get this info from running squid? of course I get I have to note that access.log is disabled for some reasons.

View 3 Replies View Related

Software :: Control Traffic Forward To Squid Server?

May 5, 2010

The network in my company use Squid Proxy serveto browse internet.Browser is IE or Firefox, and OS is Windows XP.The company need to use a new software for work, but the software don't have function that can configure Proxy server to connect to Server outside.I don't want to NAT port on router because I cannot control the traffic.Is there any software same as Proxy Client ... installed on Windows XP?My idea is that the software same as ISA server - ISA client

View 1 Replies View Related

Software :: Using Squid/Iptables To Redirect Inbound Web Traffic To Url/IP

Jan 13, 2010

We host a web server in which we are hoping to implement some form of traffic redirection based on source IP address, and I am wondering whether the squid proxy built on iptables would be capable of managing this task? Essentially we are trying to redirect traffic from specific set of source IP ranges to a "Your IP has been restricted" type of page at a different IP/FQDN.

View 2 Replies View Related

Server :: Will Squid Work To Reverse Proxy Non-HTTP Traffic?

Aug 2, 2011

I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 2 Replies View Related

Ubuntu Security :: Encrypting Swap Space Breaks Standby/lock Screen?

Jan 7, 2010

As part of making a encrypted private folder i told encfs to encrypt swap space on my pc knowing that this would probably break sleep and hibernation. That said i just turned on ubuntu for 5 mins, had to go away for a bit, when i came back to unlock the screen my password was not being accepted, and another 5 mins later the screen said that my session had timed out-i had to do a cold reboot Does this mean i cant lock the screen anymore?

View 7 Replies View Related

Server :: Will Squid Or HAproxy Work To Reverse Proxy Non-http Traffic

Apr 19, 2011

Will squid or HAproxy work to reverse proxy non-http traffic? I have searched and searched for a reverse proxy solution for non-website traffic. TCP but not http, on ports other than 80, 443, 8080, etc. Basically I just need a TCP forwarder that works with multiple TCP servers, WITHOUT webpage caching features. I do not need or want any webpage caching. Can squid work as a reverse proxy for TCP traffic without http? The other program I came across in searching was HAproxy. Both programs are for http but I am curious if they would work for TCP servers that do not serve webpages.

View 4 Replies View Related

Ubuntu Security :: Grub With Luks Support - Encrypting The Boot Partition To Prevent The Kernel From Being Modified?

Mar 9, 2011

Has anyone tried encrypting the boot partition to prevent the kernel from being modified. Iv tried following this but I'm running into issues when building. [URL] Im using the source from bzr checkout [URL] Last time I tried I screwed grub and it wouldnt boot.

View 9 Replies View Related

CentOS 5 Networking :: Check If Clamav Is Scanning HTTP Traffic Squid Proxy Server?

May 21, 2011

I'm trying to setup a Centos 5.6 Squid Proxy Server with Content Filtering & Antivirus Scanning Incoming HTTP Traffic from the Internet

I then proceeded to setup an configure the Proxy Server, i was able to test and confirm that Squid and Dansguardian Content Filter is working, however i dont know if Clamav is scanning HTTP traffic before it hits the client/server. Is there a way i can check if the Antivirus scanning is working.. is there some log file or real world test i can i can do to confirm that Clamav is scanning incoming traffic or even blocking potential viruses ??

Anyone who has squid proxy server with Clamav configured and its working can share there settings/setup with me and how they tested it ??

View 1 Replies View Related

Server :: PPTP Traffic - Gre Traffic Is Being Generated During The Browsing / Reduce Traffic

Sep 27, 2009

Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:

Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT

iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.

When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.

So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?

View 3 Replies View Related

Ubuntu Security :: Encrypting Home Folder After Having Installed Ubuntu?

Dec 19, 2010

In my opinion there should be a tool installed in Ubuntu by default which lets the user easily encrypt his home folder. One is given the option in the installed, but if one decides to encrypt his folders afterwards that's quite hard to achieve.

View 8 Replies View Related

Security :: Only Allow Traffic Between 2 Interfaces?

Jun 13, 2010

what rules I need to use to only allow traffic between 2 interfaces (which are part of a linux bridge) using ebtables?

So let's say I have if0, if1, if2. I want if1 to communicate with if0. I also want if2 to be able to communicate with if0. But I don't want if1 and if2 to communicate with each other.

View 2 Replies View Related

Security :: Logging/Blocking LAN Traffic?

Apr 26, 2010

Where I work we have a lan, it is almost 100% windows machines except for 2 CentOS machines in which some clients connect to, via VPN. (very small network, <50 ip's used)

I would like to know if there is a way to block access from that machines to others in the network. I'm already logging traffic (with IPTraff) to see if they're accessing other machines in the network others than the ones they should connect.

View 7 Replies View Related

Security :: UDP Traffic Unauthorized On Ubuntu 10.04?

Mar 11, 2011

has my Ubuntu machine been cracked?

machine on home lan
192.168.0.102
it is the DMZ from router
ufw on (ports open for aMule)
sshd installed

[Code].....

View 2 Replies View Related

Security :: Is A Firewall Needed If Get All Traffic Through A Router

Aug 8, 2010

I get all my traffic from my router, as this computer seldom moves. So is there a use for a firewall?I am not sure, because when I scan my IP address with nmap, no matter what the changes I make in the firewall, it is always the same scan...cannot fingerprint OS...and all closed ports.The all closed ports thing only changes when i torrent, then i get a wide open port.

View 14 Replies View Related

Security :: Block Traffic Initiated From Computers In The DMZ?

Apr 3, 2009

I have computers in the DMZ (192.168.1.0/24) .. How to block traffic initiated from computers in the DMZ?

View 3 Replies View Related

Security :: IPTables Setup Blocking SSH Traffic

Feb 11, 2011

I set up iptables but it is blocking my SSH set up. I did allow it by opening port 22 but it did not work. Here is my config:

Code:
iptables -F
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
iptables -P FORWARD DROP

### this should allow SSH traffic
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

How do you allow SSH through the iptables firewall?

View 5 Replies View Related

Security :: Updates: Specify Source Port For Traffic?

Dec 14, 2010

I've a server, and I want to drop all the traffic going out with other source port than 80 (apache) and 22(ssh). The reason is I want to prevent my machine sending packets I don't know (i.e. my server scanning networks or making DDOS attacks without my knowledge). The problem are the updates. If I do what I've said, the updates will not work. I want to allow updates, so I need to let DNS traffic (port 53) and the traffic of the updates to go out.

The problem is the source port. This traffic uses a dynamic port (I think like HTTP). Is there any way to specify a source port to do this? If a have a static port to do this, I would drop all the traffic going out with other port than 22,53,80 and this port.

View 3 Replies View Related

Ubuntu Security :: Program - Network Traffic Monitoring

Jan 31, 2010

Is there a program that monitors and displays 'who' is on your wireless Internet signal that one may not be aware of? Like, the ability to see when someone that you don't know is accessing your locked wireless?

View 9 Replies View Related

Ubuntu Security :: Traffic To Specific Sites Throttled?

Sep 14, 2010

I want to check if traffic to a specific URL is being throttled by a hospital acting as an ISP. A client is having great trouble accessing a hosted web-app from inside the hospital, but access is fine from outside. The hospital IT dept are not interested as the rest of the Internet is fine. I need to trace where the latency is creeping in or where the throttling is happening, if I can do that, the hospital will remove it. Traffic is standard http to a specific URL.

View 9 Replies View Related

Security :: Will Noise Beat Eavesdroppers Looking For Peaks Of Traffic

Mar 6, 2010

we want to post anonymously to a public forum like linuxquestions. We can do it through a service like [URL]. This uses a secure link so any eavesdropper in my LAN cannot see the url I am connecting to.

If this eavesdropper in my LAN suspects I am posting on linuxforums.com, they can look at times when my suspected posts appear in this public forum, and compare them with peaks in the traffic from my computer, and if the times match, it's a strong indication I am the same person. If I somehow fill the virtual private connection with a dummy data stream, can the eavesdropper still tell I am posting to linuxquestions?

View 11 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved