Danguardian and

Squid Proxy
Installation and Configuration
 Outline

 What’s the Problem?

 Options - Ubuntu
 Getting Started – Download Source File
 Tar and Gzip
 Squid
 Dansguardian
 Potential Problems and Suggestions
 Motivation
 Become Familiar With Ubuntu Web-Filtering
 Filter Inappropriate Content
 Network Security
 User Protection
 Lost Productivity
 Legal Issues
 Adverse Publicity
 Dansguardian and Squid Proxy
 “Ubuntu" is an ancient African word, meaning
"humanity to others". Ubuntu also means "I am what
I am because of who we all are".
 Internet Is a Mixed Blessing
 Moral Obligations
 Ethical Obligations
 Contractual Obligations
 Productivity
 Solution 1– Don’t Engage in Inappropriate Activity
 Solution 2- Web Filtering
 Solution 2 - Ubuntu Options
 Tradeoff Between Flexibility and Control
 Ubuntu Includes Over 16,000 Pieces of SW
 Ubuntu Core Installation Files Fit on a CD
 Ubuntu SW Includes Word Processors,
Spreadsheets, Web Server SW, Email SW, etc.
 Dansguardian (Content Filter version 2.9.9.3)
 Squid (Caching Proxy version 3.0)
Download/Extract Dansguardian
 Use the Wget command – several options
 “tar -xvzf dansguardian-2.9.9.3.tar.gz:”
 -xvzf option
 -x option to extract
 -v option for verbosity
 -z option to unzip
 -f to use the tarfile argument as the file name
 Squid
 Caching Proxy Server
 Supports HTTP, HTTPS, FTP and more
 Reduces Bandwidth
 Improves Response Time
 Extensive Access Controls
 Great Server Accelerator
 Runs on UNIX and Windows
 Squid Configuration
 Configure “ squid.conf ”
 Use a Text Editor, i.e., vi, pico, etc.
 Comment “ # “ the recommended configuration
 After “ acl CONNECT method CONNECT “, Enter
Your Network Information in the Next Two Lines
 Example in Next Slide
 Comment ( # ) “ http_access deny !safe_ports “
( approximately line 1760 )
 squid.conf
 acl localnet src 128.198.61.0/255.255.255.0
 acl all src 128.198.61.0/255.255.255.0
 acl manager proto cache_object
 acl localhost src 127.0.0.1/255.255.255.255
 acl SSL_ports port 443 563
 http_access allow localnet
 http_access allow localhost
 http_access allow CONNECT SSL_ports
 http_access deny all
 Dansguardian Configuration
 cd /.configure
 make
 make install
 make clean
 Enter “crontab -e “ and
 Enter
“ 59 23 ** sat etc/dansguardian/logrotation “
Dansguardian Configuration, cont’d.
 Path to ‘” config “ file is . . .
/etc/dansguardian/dansguardian.conf
 Set “ Proxy IP:=128.198.61.253

( actual IP of server running dansguardian )

 Set Access Denied Address to DG Server IP

“ accessdeniedaddress:=http://128.198.61.253/cgi-
bin/dansguardian.pl “
 Save and Restart
 Potential Problems/Improvements
 Forgetting to Setup Proxy Server in Browser
 Default port is 8080
 ‘ make “ file or devel-tools missing
 Flexibility and Control Balancing Act
 Many available Blacklists are outdated
 Users Find Ways to “Get Around” Content Filters
 Use Updated Blacklists Supported by Commercial
Products such as SmoothWall, ( Content Firewall )
 References
 http://dansguardian.org
 http://www.sequentialart.com/article/php?id=1
03
 http://ubuntuforums.org/showthread/php?t=27
7178
 http://www.ubuntu.com
 http://
sourceforge.net/docman/index.php?group_id
=131757