Course Description
Squid is a full-featured Web proxy cache designed to run on Unix-based systems. As an Open Source product it is free.
Squid supports proxying and caching of HTTP, FTP, and other URLs; proxying for SSL; cache hierarchies; ICP, HTCP, CARP, Cache Digests; transparent caching and much more.
Who should attend
System administrators, network administrators and software developers who want to implement Squid.
Prerequisites
Attendees should already have a basic understanding of the Internet and Unix operating systems. You should already be comfortable with editing configuration files and installing software on your system. You should understand fundamentals such as hostnames, user-ids, file systems, and file permissions.
Prior knowledge of HTTP and Web Caching is not required.
Course Outline
UNIT 1: Squid Proxy Concepts
Discuss Squid concepts & applications
Start Squid and check default configuration
UNIT 2: General Proxy Usage
Grant permissions to permit local hosts to utilize proxy services
file system layout - partitioning
Peek into Key configuration files
Use client to test the performance of proxy services
HIT/MISS logic
Configure proxy support for text-based (lftp/wget/lynx) HTTP clients
UNIT 3: Squid Proxy Logs
Proxy logging mechanism
explore the Access log to identify HITS and/or MISSES
explore the Store log to identify cached content
Convert Squid logs to the Common Log Format (CLF) for easy processing
Configure Webalizer to process Squid-CLF logs
UNIT 4: Squid Network Configuration & System Stats
cachemgr.cgi - Common Gateway Interface(CGI) script
Explore the available metrics provided by cachemgr.cgi
UNIT 5: Squid Access Control Lists (ACLs)
Define & test multiple HTTP-based ACLs
Define & test ACL lists - to support multiple hosts/subnets
Define & test time-based ACLs
Implement destination domain based ACLs
UNIT 6: Bandwidth management
delay pool concepts & applications
rate-limiting
UNIT 7: Squid Proxy Hierarchies
primary cache server - double-auditing
parent-child bypass based on ACLs
peer-cache bypass
Squid cache hierarchy siblings
transparent proxy services
UNIT 8: URL Blocking
porn/racism/offensive content
UNIT 9: squid optimization guide
Playing the Optimization Game
Enter ReiserFS
Compile from source
Gadget Makefile
Tweak my /proc baby, yeah!
LAB TASK
1. Setup a proxy server with web content filtering: squid + rejik + squint + sqstat
Squid is a proxy server and web cache daemon.
Rejik is a squid redirector, used to block advertising, banners, mp3 and so on.
Squint is used to periodically analyze squid logs, and produce linked HTML reports.
SqStat is a php script which allows to look through active squid users connections. It use cachemgr protocol to get information from squid proxy server.
2.Squid Forensics
Cephalopod autopsies?
This lab task is about conducting forensics on a Squid web proxy/cache.
Just as complicated, but less smelly.
Trainings
Onsite Training
These courses are available for on-site delivery for groups of 5 or more students.
LinoBox offers discounted training for on-site courses of more than 5 students - contact Sanjeet Vanamala at sanjeet@linobox.com or 91-9819586142 to schedule training and arrange details or for any kind of information..
|
Live Practice Labs
