Mobile:
021 909 325
E-mail: jonathan at opperman dot za dot net
Experience: 11 Years as a Linux/Unix/Network System Administrator
Do you trust everyone using your network? If yes stop reading this, if no continue reading.
What I offer is:
1.)Prohibiting unwanted traffic on your network, blocking all internet traffic and only allowing certain access from “unknown” entities.
2.)Save on bandwidth costs, ie not reaching your monthly limit and needing to purchase more to prevent slow access.
3.)Protect yourself, use a content filter (browsing) to prohibit sexual content, etc etc. This is based on using:
3.1) Squid3(http://www.squid-cache.org) — Proxy
Squid is a proxy server and web cache daemon. It has a wide variety of uses, from speeding up a web server by caching repeated requests;
to caching web, DNS and other computer network lookups for a group of people sharing network resources; to aiding security by filtering
traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including TLS, SSL.Caching
is a way to store requested Internet objects (e.g. data like web pages) available via the HTTP, FTP, and Gopher protocols on a system
closer to the requesting site.
Web browsers can then use the local Squid cache as a proxy HTTP server, reducing access time as well as bandwidth consumption. This is
often useful for Internet service providers to increase speed to their customers, and LANs that share an Internet connection. Because it is also
a proxy (i.e. it behaves like a client on behalf of the real client), it can provide some anonymity and security. However, it also can introduce
significant privacy concerns as it can log a lot of data including URLs requested, the exact date and time, the name and version of the requester’s
web browser and operating system, and the referrer.
A client program (e.g. browser) either has to specify explicitly the proxy server it wants to use (typical for ISP customers), or it could be
using a proxy without any extra configuration: transparent caching, in which case all outgoing HTTP requests are intercepted by Squid and all
responses are cached. The latter is typically a corporate set-up (all clients are on the same LAN) and often introduces the privacy concerns mentioned above.
Squid has some features that can help anonymize connections, such as disabling or changing specific header fields in a client’s HTTP requests.
Whether these are set, and what they are set to do, is up to the person who controls the computer running Squid. People requesting pages through
a network which transparently uses Squid may not know whether this information is being logged. Within UK organisations at least, users should be
informed if computers or internet connections are being monitored.
3.2) Dansguardian(http://www.dansguardian.org) — Web Filtering
DansGuardian, written by SmoothWall Ltd and others, is content-control software: software designed to control which websites users can access. It
also includes virus filtering and usage monitoring features. DansGuardian must be installed on a Unix or GNU/Linux computer, such as a server computer;
its filtering extends to all computers in an organization, including Windows and Macintosh computers. DansGuardian is used by schools, businesses,
value-added Internet service providers, and others.
Technical details
DansGuardian is distributed under the GPLv2 free software license, and written using the C++ programming language. It primarily runs in GNU/Linux
and other Unixes. It is entirely command line and web-based, and meant to be used in conjunction with a web proxy such as Squid.
In the United States, DansGuardian satisfies the requirements of Children’s Internet Protection Act.
3.3) Linux(http://www.debian.org) — Operating System
Debian is a computer operating system composed of software packages released as free and open source software especially under the GNU General Public
License and other free software licenses. The primary form, Debian GNU/Linux, which uses the Linux kernel and GNU OS tools, is a popular and influential
GNU/Linux distribution. It is distributed with access to repositories containing thousands of software packages ready for installation and use. Debian
is known for relatively strict adherence to the Unix and free software philosophies as well as using collaborative software development and testing processes.
Debian can be used as a desktop as well as server operating system. It focuses on stability and security and is used as a base for many other distributions.
4.) Firewall using iptables, part of the Debian Operating System.
What does this do for me?
- Peace of mind (You protect yourself and prevent any unforseen problems in the future)
- Saving on Bandwidth
- Not reaching your monthly bandwidth allowance because of someone else using your bandwidth.
- Prevent download of copyrighted software ie. Movies, music etc from
- Protecting you local network from infected Windows machines that have malwares/trojans etc on them. We block all
“unknown” entities and allow all for “known” or trusted entities.