--This is a Vmware Workstation 5.x / Vmware Player-compatible virtual machine, minimal install (No X, and only the bare minimum of utility progs) Squid proxy server - based on Debian Linux netinstall 3.1r1. --It provides: o Internet access via caching proxy, o Custom ad-blocking, logging and report capability, and pr0n-blocking. --Why you should consider using it: o You can reduce all of your browser cache sizes down to 5-10MB and point the proxy settings to the VM's IP address for an extra level of security. o The VM comes in handy when setting up a new Windows box and downloading updates. --It will cache such things as: o apt-get (as long as http_proxy and ftp_proxy variables are set), o FTP downloads, o Windows updates, o Web browsing (pics, HTML, Flash, movies), etc. ...and also log where cache users are going on the Net. --Maximum object size in the cache is currently limited to: 16MB (anything over that won't be cached), but can be changed in the config. ( Edit file " /etc/squid.conf ", save, and issue ' squid -kreconfigure '. ) o Where to download VMWare Player: http://www.vmware.com/download/player/ ============== Configured VM: ============== 100MB RAM Disk size: 1.5 GB hda ( NON-PREALLOCATED, but pre-zeroed ) CDROM 1:0 Auto-detect physical drive, but not connected Floppy: Autodetect, but not connected Ethernet: (1) Bridged ( Will obtain DHCP address and also have Static IP of 10.0.244.4 ) USB: Yes Serial port: Yes, but not connected ( auto detect ) (1) Processor, no sound. ================== LOGIN INFORMATION: ================== ID / password: root / vmroot user / vmware ** SECURITY NOTE: ** End-users are HIGHLY ENCOURAGED to change these default passwords as soon as possible, to avoid cracker attacks. As root, ' passwd root ' and ' passwd user '. =========== Disk usage: =========== Uncompressed: 542MB ; disk is limited to 1.5GB The tar.bz2 weighs in at: 124,136,382 bytes. --More info about Squid: http://www.squid-cache.org/ =========================== --Reasons for creating this and sharing it with the community: Once downloaded and running, this VM provides an instant level of additional security for web-browsing, by blocking user-defined sites / ads and acting as a proxy between you and the Internet. It also logs all URLs visited and caches up to 700MB of downloaded content in a self-contained virtual machine. --Example setup: You can change your computer's IP to a static, non-Internet-routable address, such as 10.0.0.2 // netmask 255.0.0.0; the VM obtains a DHCP address internally and also has a static address of 10.0.244.4 // 255.0.0.0 By pointing your browser(s) and other internet-accessing programs to the proxy (10.0.244.4 / port 3128) and not having a direct connection, you can track what is being downloaded; prevent unwanted Internet access; and share cached data between other computers on the network that are also using the proxy. (Think Windows updates. Using a proxy is particularly effective on slow connections, even dialup.) You save bandwidth by blocking ads and other content that you don't want/need to see, and YOU have control over the proxy's settings. Hackers trying to get into the box will not see your Windows install and its associated ports, they can only try to get into the Linux VM. Bonus feature: You can connect to another machine over the Internet using a VPN, and still be able to browse the Web by using the proxy. In other words, ENJOY and "have a lot of fun"! ======================== FYI, you can add these lines to the end of /etc/inittab to activate several status displays: 5:2345:respawn:/usr/bin/open -f -c 5 -w -- /usr/bin/nice /usr/bin/ethstatus -S3m 6:2345:respawn:/usr/bin/open -f -c 6 -w -- /usr/bin/watch -n 30 /bin/df -h 8:2345:respawn:/usr/bin/tail -f -n 30 /var/spool/squid/access.log >>/dev/tty8 9:2345:respawn:/usr/bin/open -f -c 9 -w -- /usr/bin/top -s -d 10 ==== What this does: On tty5 ( alt-F5 ) shows realtime Ethernet traffic On tty6, shows disk space usage every 30 sec On tty8, shows the URLs that are passing thru Squid in near-realtime On tty9, " top " CPU display updated every 10 sec ==== After adding those lines and saving inittab, you should ' kill -hup 1 ' to force inittab reload, and init will activate them. ======================== + Static IP (10.0.244.4) can be changed in /etc/init.d/boot.local + EXTRA: Provided " /root/INSTALL-INFORMATION.txt " logging what was done for installation + EXTRA: Provided 99% of the Bash scripts and aliases that I use regularly, in /root/bin and /home/user/bin. + Provided custom ad-blocking and pr0n-blocking rules for Squid ( /etc/squid/adsblock.txt, porn.txt, notporn.txt ) + Squid is configured for 64MB RAM limit and 700MB of disk space. /etc/squid.conf is heavily commented ( Look for "XXX" to see which bits were changed. ) + Box is running only the bare minimum of services on ports: 22 ssh 3128 squid - SSH login as root is already disabled in /etc/ssh/sshd_config, for security - Only (4) login TTYs are provided instead of (6); 2-4 are running mingetty to save memory. + BIOS is lightly optimized, not just out-of-box (32-bit disk access, boot diag screen) + wvdial and Penggy are installed if you need dial-up access, and example /etc/penggy config files are supplied for AOL dialup + VM is running a -386 kernel for compatibility but can easily be upgraded to -686 or the like, for speed. --At boot, login as root: ' free ' reveals the VM is using only ~32 MB RAM. --Disk used: 128MB Swap + 310MB Root ;; 1.1GB free. --The VM disk has been pre-zeroed and " apt-get clean"ed for compression. ================================= --Suggested additional software: (' apt-get update; apt-get install pkgname ') o webmin -- For system configuration (Browser-based config: https://10.0.244.4:10000 ) o webmin-squid o calamaris -- Log analyzer o sarg -- Squid analysis report generator o webmin-sarg o srg -- Detailed log analysis for squid o squid-cgi -- Cache manager interface ...................................... Last edit: 2006.0224 kingneutron AT NOSPAMyahooDOTcom