Solved

What is a good http/ftp proxy server?

Posted on 2008-10-17
7
518 Views
Last Modified: 2012-06-21
What do you recommend?   I need a good, easy to setup http/https/ftp proxy server for a linux box running ubuntu 8.04 (hardy) using kernel 2.6.24-21-386.  All my pcs are ethernet connected in a p2p configuration using ip 10.10.0.xxx.   Because.......

I have another win xp pro, sp3 box that's infected with malware.  I want to setup up a proxy on the linux machine so I can run Spyware Doctor's "smart update" to get the most recent software and  definitions. I can't do that on the xp box because I do not have internet connectivity.  Spyware doctor Smart Update has a small panel that allows me to enter proxy server: ip, port, uid and passward, I assume this is to another machine to get internet access.

Zone Alarm is blocking hasplms.exe and msfeedssync.exe.  I'm searching for those programs now and will  remove or delete when and if locate them.

Any thoughts on a good, quick, simple, easy to implement proxy for linux?

ZL identified these Trojans as the culprits:

Win32.Adware.Dm.kb
Win32.Application.Binder.B
Win32.Generic.Malware.p2p
Win32.Trojan.Crypt.ASPM.Gen
Win32.Trojan.PSW.LdPinch.BSG

Thanks much!
0
Comment
Question by:IT79637
  • 2
  • 2
  • 2
  • +1
7 Comments
 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 166 total points
ID: 22745858
So all you want the proxy server for is to let the XP box download updates?

You don't really need a proxy server for that.  You can use iptables, xinetd or a lightweight proxy utility such as balance.

0
 
LVL 1

Assisted Solution

by:djashley
djashley earned 166 total points
ID: 22746311
0
 
LVL 12

Accepted Solution

by:
hfraser earned 168 total points
ID: 22746423
if you're comfortable with the Linux environment, a second NIC, good firewall configuration, and a proxy like Squid will provide the functions you're looking for. If you choose this path, grab a copy of Webmin to help administer the system.

If you're not comfortable configuring the individual pieces needed to make your Ubuntu system perform as a secure gateway, consider one of the canned Linux security systems like Untangle. It's Linux and the same tools under the covers, but with an easier to understand GUI. The caveat is that it installs from the CD, so you'll either need another computer or sacrifice your Ubuntu system until the Windows system is cleaned up.

0
VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

 
LVL 48

Assisted Solution

by:Tintin
Tintin earned 166 total points
ID: 22746486
squid is a massive overkill if all the proxy is doing is allowing the XP box to occasionally download some updates.
0
 
LVL 12

Assisted Solution

by:hfraser
hfraser earned 168 total points
ID: 22746864
If the system were clean, I'd agree. My assumption was that this was a one-time effort to correct a box that's already infected with several trojans, and there's probably some reasonable concern about the trojans phoning home and perhaps causing further grief before they can be cleaned. I assume this explains why the box does not have internet connectivity (a wise precaution, in my estimation), although it probably did at one time to get infected.

Squid and iptables firewalls are good tools for doing this safely, but they are a bit daunting. Hence the suggestion to throw Untangle on a spare box as a proxy server, lock the access down, and do the updates.

Of course, the best solution these days is to simply re-deploy the machine.
0
 
LVL 1

Assisted Solution

by:djashley
djashley earned 166 total points
ID: 22747100
If you want a gateway then IPCOP is the best. If you need good QOS then pfsense
0
 
LVL 1

Author Comment

by:IT79637
ID: 22807126
I was not able to evaluate all of the suggested proxy servers. I also had troubles setting them up.  Consequently, I decided to use the sledge hammer approach and restore the last full backup before the introduction of the malware.

I'm tempted to take an old box and set it up using a linux distribution designed for security only.  

Thanks for all your input.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Linux Mint 18 31 91
CentOS/RHEL 7 Linux maillog worldwide readable 2 68
expectj telnet failing 5 37
Penetration Testing home based work 3 76
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
If you have a server on collocation with the super-fast CPU, that doesn't mean that you get it running at full power. Here is a preamble. When doing inventory of Linux servers, that I'm administering, I've found that some of them are running on l…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question