Solved

What is a good http/ftp proxy server?

Posted on 2008-10-17
7
519 Views
Last Modified: 2012-06-21
What do you recommend?   I need a good, easy to setup http/https/ftp proxy server for a linux box running ubuntu 8.04 (hardy) using kernel 2.6.24-21-386.  All my pcs are ethernet connected in a p2p configuration using ip 10.10.0.xxx.   Because.......

I have another win xp pro, sp3 box that's infected with malware.  I want to setup up a proxy on the linux machine so I can run Spyware Doctor's "smart update" to get the most recent software and  definitions. I can't do that on the xp box because I do not have internet connectivity.  Spyware doctor Smart Update has a small panel that allows me to enter proxy server: ip, port, uid and passward, I assume this is to another machine to get internet access.

Zone Alarm is blocking hasplms.exe and msfeedssync.exe.  I'm searching for those programs now and will  remove or delete when and if locate them.

Any thoughts on a good, quick, simple, easy to implement proxy for linux?

ZL identified these Trojans as the culprits:

Win32.Adware.Dm.kb
Win32.Application.Binder.B
Win32.Generic.Malware.p2p
Win32.Trojan.Crypt.ASPM.Gen
Win32.Trojan.PSW.LdPinch.BSG

Thanks much!
0
Comment
Question by:IT79637
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 166 total points
ID: 22745858
So all you want the proxy server for is to let the XP box download updates?

You don't really need a proxy server for that.  You can use iptables, xinetd or a lightweight proxy utility such as balance.

0
 
LVL 1

Assisted Solution

by:djashley
djashley earned 166 total points
ID: 22746311
0
 
LVL 12

Accepted Solution

by:
hfraser earned 168 total points
ID: 22746423
if you're comfortable with the Linux environment, a second NIC, good firewall configuration, and a proxy like Squid will provide the functions you're looking for. If you choose this path, grab a copy of Webmin to help administer the system.

If you're not comfortable configuring the individual pieces needed to make your Ubuntu system perform as a secure gateway, consider one of the canned Linux security systems like Untangle. It's Linux and the same tools under the covers, but with an easier to understand GUI. The caveat is that it installs from the CD, so you'll either need another computer or sacrifice your Ubuntu system until the Windows system is cleaned up.

0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 166 total points
ID: 22746486
squid is a massive overkill if all the proxy is doing is allowing the XP box to occasionally download some updates.
0
 
LVL 12

Assisted Solution

by:hfraser
hfraser earned 168 total points
ID: 22746864
If the system were clean, I'd agree. My assumption was that this was a one-time effort to correct a box that's already infected with several trojans, and there's probably some reasonable concern about the trojans phoning home and perhaps causing further grief before they can be cleaned. I assume this explains why the box does not have internet connectivity (a wise precaution, in my estimation), although it probably did at one time to get infected.

Squid and iptables firewalls are good tools for doing this safely, but they are a bit daunting. Hence the suggestion to throw Untangle on a spare box as a proxy server, lock the access down, and do the updates.

Of course, the best solution these days is to simply re-deploy the machine.
0
 
LVL 1

Assisted Solution

by:djashley
djashley earned 166 total points
ID: 22747100
If you want a gateway then IPCOP is the best. If you need good QOS then pfsense
0
 
LVL 1

Author Comment

by:IT79637
ID: 22807126
I was not able to evaluate all of the suggested proxy servers. I also had troubles setting them up.  Consequently, I decided to use the sledge hammer approach and restore the last full backup before the introduction of the malware.

I'm tempted to take an old box and set it up using a linux distribution designed for security only.  

Thanks for all your input.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

829 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question