Setting up SQUID proxy for second internet connection

Squid is a nice caching proxy that caches internet content for faster browsing. The following setup lets me split internet use over two internet connections at the office, which makes things faster at peak times, and the cache should make the internet faster in general for everyone.

Now, the setup is as follows

A computer with two NIC cards connects the normal way to the office network on one card and to an ADSL router on the other. On this computer I installed bind9 and the Squid proxy:

apt-get install bind9 squid

Now you can go to the adapter properties in Windows on all PCs and instruct them to use our nice computer for DNS resolution (from the NIC card's properties / IPv4 menu).

As for using Squid, you can simply enter the IP of the caching machine (the one on our network's side) and port 3128 in your Firefox settings.

To do that, visit Tools => Options => Advanced tab => Network sub-tab => Settings button under Connection => Manual Proxy Configuration, enter the IP and port (192.168.x.x, port 3128) and tick "Use this proxy server for all protocols".

You should be done. But wait: a default installation of Squid will say "access denied". To fix that, simply uncomment the line

#http_access allow localnet

by removing the leading # from the beginning. Now all local networks that start with 192.168 should be able to use Squid.

Now, you may want to increase the cache size to use more of the hard disk. On this rather old computer we have an 80 GB hard drive, and we would probably want to use 60 GB of it (df -h will tell you what your disks look like and how much is free). The size argument of cache_dir is given in megabytes, so 60 GB becomes 60000:

cache_dir ufs /var/spool/squid 60000 128 256
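Before restarting Squid it is worth checking the edited squid.conf mechanically, because Squid walks the http_access rules top to bottom and the first match wins: the uncommented "allow localnet" line only takes effect if it stays above the final "deny all". The script below is an added example, not part of the original post or of Squid itself; the sample config it writes to /tmp, the free-space figure of 70000 MB and the idea of pinning http_port to the LAN address are all assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a squid.conf
# before restarting Squid. Squid evaluates http_access rules top to bottom
# and the first match wins, so "allow localnet" only works if it is
# uncommented AND sits above the closing "deny all". The cache_dir size
# argument is in megabytes, so it is also compared with the free space.

# Constructed sample; the real file on Debian/Ubuntu is /etc/squid/squid.conf.
SAMPLE_CONF="${TMPDIR:-/tmp}/squid-check-sample.conf"
cat > "$SAMPLE_CONF" <<'EOF'
acl localnet src 192.168.0.0/16
acl Safe_ports port 80 443
http_access deny !Safe_ports
http_access allow localhost
http_access allow localnet
http_access deny all
http_port 3128
cache_dir ufs /var/spool/squid 60000 128 256
EOF

# Line number of the first uncommented line matching an ERE, empty if none.
rule_line() {  # $1 = config file, $2 = extended regex
    grep -n -E "^[[:space:]]*$2" "$1" | head -n 1 | cut -d: -f1
}

# cache_dir size in MB (4th field), empty if no cache_dir is set.
cache_dir_mb() {  # $1 = config file
    awk '$0 !~ /^[[:space:]]*#/ && $1 == "cache_dir" { print $4; exit }' "$1"
}

# 0 if http_port is pinned to an address (e.g. "http_port 192.168.4.5:3128"),
# 1 if it listens on every interface, including the ADSL-facing one.
http_port_bound() {  # $1 = config file
    grep -E -q '^[[:space:]]*http_port[[:space:]]+[0-9.]+:[0-9]+' "$1"
}

check_squid_conf() {  # $1 = config file, $2 = free MB on the cache disk
    conf="$1"; free_mb="$2"; status=0
    allow=$(rule_line "$conf" 'http_access[[:space:]]+allow[[:space:]]+localnet')
    deny=$(rule_line "$conf" 'http_access[[:space:]]+deny[[:space:]]+all')
    if [ -z "$allow" ]; then
        echo "FAIL: 'http_access allow localnet' missing or still commented out"
        status=1
    elif [ -n "$deny" ] && [ "$deny" -lt "$allow" ]; then
        echo "FAIL: 'deny all' (line $deny) precedes 'allow localnet' (line $allow)"
        status=1
    else
        echo "OK: localnet is allowed before the final deny"
    fi
    mb=$(cache_dir_mb "$conf")
    if [ -n "$mb" ] && [ "$mb" -gt "$free_mb" ]; then
        echo "FAIL: cache_dir wants ${mb} MB but only ${free_mb} MB are free"
        status=1
    else
        echo "OK: cache_dir size ${mb:-default} MB fits in ${free_mb} MB"
    fi
    if http_port_bound "$conf"; then
        echo "OK: http_port is bound to one address"
    else
        echo "WARN: http_port has no address, so the proxy also listens on the ADSL side"
    fi
    return $status
}

# Stand-alone run against the sample, pretending 70000 MB are free on the disk.
check_squid_conf "$SAMPLE_CONF" 70000
```

Run it against the real file with the number df -h reports for the cache partition, e.g. check_squid_conf /etc/squid/squid.conf 70000. The http_port warning is the one to take seriously on this box: with both NICs up, an unbound http_port 3128 is reachable from the ADSL router's side too, so giving it the LAN-side address (http_port 192.168.x.x:3128) keeps the cache from turning into an open proxy for whoever can reach that interface.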

Now, to make sure things work fine:

route

should show two default routes; the first should be the internet connection. If not, use route:
route del default
route add default gw 192.168.15.1 dev eth1

192.168.15.1 is the IP of the ADSL router, and the ADSL router is connected to eth1; you can check that with the ifconfig command.

But even though we want all traffic to go through eth1 by default, .4.113 (and the 192.168.4.0/24 network it is the gateway for) still needs to be reached via eth0:

route add -net 192.168.4.0 netmask 255.255.255.0 gw 192.168.4.113 dev eth0
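Eyeballing the output of route is fine once, but the two-default-routes arrangement is easy to break with a reboot or a DHCP lease, so here is an added example (not part of the original post) that checks the routing table mechanically. Feed it the numeric form, route -n, so the default route appears as 0.0.0.0 rather than "default". The sample table embedded below is constructed for the box described in the post; the second default gateway 192.168.4.1 and the connected 192.168.4.0/24 route on eth0 are assumptions, not values from the post.

```shell
#!/bin/sh
# Added example (not from the original post): verify that the first default
# route leaves through the ADSL interface and that the office subnet is still
# reached through the LAN interface. Input is `route -n` output on stdin.

# Constructed `route -n` output for the post's setup. The 192.168.4.1 gateway
# and the connected 192.168.4.0/24 route are assumed for the example.
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.15.1    0.0.0.0         UG    0      0        0 eth1
0.0.0.0         192.168.4.1     0.0.0.0         UG    0      0        0 eth0
192.168.4.0     192.168.4.113   255.255.255.0   UG    0      0        0 eth0
192.168.4.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.15.0    0.0.0.0         255.255.255.0   U     0      0        0 eth1'

# Interface of the first default route (destination and genmask 0.0.0.0).
first_default_iface() { awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $NF; exit }'; }

# Gateway of the first default route.
first_default_gw() { awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" { print $2; exit }'; }

# Interface of the first route whose destination is the given network address.
net_iface() { awk -v net="$1" '$1 == net { print $NF; exit }'; }

# $1 = expected default gateway, $2 = expected default interface,
# $3 = LAN network address, $4 = expected LAN interface; route -n on stdin.
check_routes() {
    table=$(cat)
    gw=$(printf '%s\n' "$table" | first_default_gw)
    def=$(printf '%s\n' "$table" | first_default_iface)
    lan=$(printf '%s\n' "$table" | net_iface "$3")
    status=0
    if [ "$gw" = "$1" ] && [ "$def" = "$2" ]; then
        echo "OK: first default route is via $gw on $def"
    else
        echo "FAIL: first default route is via ${gw:-none} on ${def:-none}, expected $1 on $2"
        status=1
    fi
    if [ "$lan" = "$4" ]; then
        echo "OK: $3 is reached through $lan"
    else
        echo "FAIL: $3 is reached through ${lan:-nothing}, expected $4"
        status=1
    fi
    return $status
}

# Stand-alone run against the constructed table.
printf '%s\n' "$SAMPLE_ROUTES" | check_routes 192.168.15.1 eth1 192.168.4.0 eth0
```

On the real machine pipe the live table in: route -n | check_routes 192.168.15.1 eth1 192.168.4.0 eth0. On systems that have iproute2, ip route get followed by any public address answers the same question directly by printing the interface the kernel would actually use.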

Root servers under attack

Two of the 13 DNS root servers came under attack yesterday. Nothing you would have noticed, but it does mean that the American DoD and ICANN have been doing their homework.

The people running .ORG got attacked as well, but they did not go down either.

The DoS attacks work by sending requests to servers with the wrong IP as the return address, so the servers respond either to a non-existent address or to a computer that did not send the request and is therefore not expecting an answer. This asymmetric attack can either overwhelm the servers or, when it requests somewhat large chunks of data, overwhelm the network, since the sender only needs to send a small request and does not need the bandwidth to receive the response.
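Seen from the receiving end, the pattern described above shows up in a DNS server's query log as one "source" suddenly sending many small queries that draw large answers. The awk script below is an added example, not part of the original post: it aggregates a constructed log and flags sources whose query count and bytes-out/bytes-in ratio cross a threshold. The six-field log format is invented for the example (a real BIND query log would need its fields mapped first), and 203.0.113.9 is from a documentation address range.

```shell
#!/bin/sh
# Added example (not from the original post): spot reflection abuse in a DNS
# server's query log. Each constructed line below has the fields
#   <epoch> <client-ip> <qname> <qtype> <request-bytes> <response-bytes>
# Because the attacker spoofs the victim's address as <client-ip>, a source
# that suddenly sends many queries with a large response/request ratio is the
# victim being flooded through this server, not the attacker.

SAMPLE_LOG="${TMPDIR:-/tmp}/dns-reflection-sample.log"
cat > "$SAMPLE_LOG" <<'EOF'
1000 192.168.4.20 example.org A 40 56
1001 192.168.4.21 example.org A 40 56
1002 203.0.113.9 example.org ANY 45 3100
1002 203.0.113.9 example.org ANY 45 3100
1002 203.0.113.9 example.org ANY 45 3100
1003 203.0.113.9 example.org ANY 45 3100
1003 203.0.113.9 example.org ANY 45 3100
1003 203.0.113.9 example.org ANY 45 3100
1004 192.168.4.22 example.org MX 41 120
EOF

# Print "<ip> <queries> <amplification>" (sorted by ip) for every source whose
# query count is at least $2 and whose bytes-out / bytes-in ratio is at least $3.
flag_reflection_sources() {  # $1 = log file, $2 = min queries, $3 = min ratio
    awk -v minq="$2" -v minr="$3" '
        { q[$2]++; in_b[$2] += $5; out_b[$2] += $6 }
        END {
            for (ip in q) {
                ratio = out_b[ip] / in_b[ip]
                if (q[ip] >= minq && ratio >= minr)
                    printf "%s %d %.1f\n", ip, q[ip], ratio
            }
        }' "$1" | sort
}

# Total bytes the server sent back to one address, to size the flood it is absorbing.
bytes_sent_to() {  # $1 = log file, $2 = ip
    awk -v ip="$2" '$2 == ip { total += $6 } END { print total + 0 }' "$1"
}

# Stand-alone run: at least 5 queries and at least 20x amplification.
flag_reflection_sources "$SAMPLE_LOG" 5 20
```

The thresholds are deliberately parameters: what counts as "many" depends on the server. The point the check makes is the one the post makes: the flagged address is the spoofed victim, so the useful response is to limit how much the server amplifies (BIND's rate-limit option, response rate limiting) and, for the office bind9 from the first post, to restrict recursion to the LAN with allow-recursion so the machine's ADSL-facing side cannot be used as a reflector in the first place, rather than to block the flagged address.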

There is an old saying that what doesn't break us makes us stronger, and it could not be more true this time. It is a reminder that security should always come first when the internet could go down; and at the same time, nothing really went down.