Monday, July 12, 2010

MS Proxy Usage (1)



http://www.soft6.com/html/news/3/34856.shtml
Proxy granted permission to the new user group

www.soft6.com

Open the IIS Service Manager, and then open the Web Proxy properties page. I will discuss in the MS Proxy Server in how to grant permissions to a group. Open the Web Proxy Server Properties page, select Permissions page.
UTF-8

By default, MS Proxy Server does not configure the permissions for any license agreement. Therefore, no users can WebProxy (or WinSock Proxy) outbound access to Internet, to give a new Proxy user group to grant access, in need of the following:



MS Proxy Usage (1)


Proxy granted permission to the new user group

Open the IIS Service Manager, and then open the Web Proxy properties page. I will discuss in the MS Proxy Server in how to grant permissions to a group. Open the Web Proxy Server Properties page, select Permissions page.

By default, MS Proxy Server does not configure the permissions for any license agreement. Therefore, no users can WebProxy (or WinSock Proxy) outbound access to Internet, to give a new Proxy user group to grant access, in need of the following:

1. In the Protocol drop-down box, select the one you wish to specify the access agreement.
2. Point "Add" button, will pop up a dialog box to group or user to access list of this agreement.


1. The drop-down table list allows you to select the name of any domain, external domain can trust the parallel connection or other domain account.
2. Default list only local groups and global groups, you can list all the users, individually configure users, but network management for large and medium term, will be a nightmare. If possible, try to configure the user with a working group.


In the Add Users and Groups dialog box on the "Members" button to show the current list of selected members of the group




Control access from the Internet to stop

1. In the Protocol drop-down box, select the one you wish to specify the access agreement.
After installing the Proxy Server, NT, there are two changes to expand the security. The first change is the IP forwarding. IP forwarding is a TCP / IP properties in a setting, it is closed. It controls whether the NT transmit IP packets between the network interface (for example: from the network card to connect between RAS). When a permanent Internet connection network configuration under the premise, and the Bureau Online configured for each workstation's Internet direct access to their own time, IP forwarding must be set to valid, so the workstation can send their packets to the Internet, contrary no exception. Connected to the Internet, that Taiwan NT Server, it will lock all of their traffic stops

Further restrict the Internet, even from the client to NT Server, MS Proxy Server banned all do not have permission to set IP port listening, this means that any run on NT Server on the Internet service applications (such as FTP server, Telnet server, or POP3 server) can not hear any traffic outside the pit, except for these agreements set the WinSock Proxy rights. Web Proxy listener on port 80 traffic only, if the Web Proxy in support of the agreement to any set of permissions, you can listen on port 80 traffic stop.
2. Point "Add" button, will pop up a dialog box to group or user to access list of this agreement.



In the MS Proxy Server isolate it in its own domain
1. The drop-down table list allows you to select the name of any domain, external domain can trust the parallel connection or other domain account.

If you want to proxy access settings for your network security features very high, there is a method that is set to run the Proxy Server's NT server as its own domain controller in the basic domain. Then in the Proxy domain and network domain to build a one-way trust relationship between the. Proxy domain set? Trusted network domain, network domain, but do not trust Proxy domain, this setting will be a better place restrictions on the network domain in the Proxy server and access to all the other systems.

When the network is not set as a domain, this approach can be a very good effort. But compared to the terms of the work, run the Proxy Server's NT 鏈嶅姟鍣?can be set to its own domain of the basic domain controller, which can provide better security control, Bing Ju Ye Hui for future expansion easier.
2. Default list only local groups and global groups, you can list all the users, individually configure users, but network management for large and medium term, will be a nightmare. If possible, try to configure the user with a working group.


Proxy Server activity monitoring

Two basic methods: the first one of the most commonly used logging is a standard comma-separated text file, or through the ODBC driver to connect to SQL on. The second method is to monitor via SNMP. This requires the NT SNMP service installed. The purpose of SNMP is distributed, and sometimes control data to a remote workstation in order to run on NT Server on the service can be monitored and controlled outside the local

In the Add Users and Groups dialog box on the "Members" button to show the current list of selected members of the group




Proxy Server can record diary information to a text file, or through the ODBC driver, the information recorded in a data engine. Text log is a very simple process, but also allow network administrators to have a quick way to view the Proxy Server component on the events (Web Proxy and WinSock Proxy). Logs can be used to generate the day, week or month's report.

Control access from the Internet to stop

Text file records


After installing the Proxy Server, NT, there are two changes to expand the security. The first change is the IP forwarding. IP forwarding is a TCP / IP properties in a setting, it is closed. It controls whether the NT transmit IP packets between the network interface (for example: from the network card to connect between RAS). When a permanent Internet connection network configuration under the premise, and the Bureau Online configured for each workstation's Internet direct access to their own time, IP forwarding must be set to valid, so the workstation can send their packets to the Internet, contrary no exception. Connected to the Internet, that Taiwan NT Server, it will lock all of their traffic stops
By default, Proxy Server to log all the event information to a text file, the file exists the following areas:

Further restrict the Internet, even from the client to NT Server, MS Proxy Server banned all do not have permission to set IP port listening, this means that any run on NT Server on the Internet service applications (such as FTP server, Telnet server, or POP3 server) can not hear any traffic outside the pit, except for these agreements set the WinSock Proxy rights. Web Proxy listener on port 80 traffic only, if the Web Proxy in support of the agreement to any set of permissions, you can listen on port 80 traffic stop.
n Web Proxy Logs: c: winntsystem32w3plogs

In the MS Proxy Server isolate it in its own domain

If you want to proxy access settings for your network security features very high, there is a method that is set to run the Proxy Server's NT server as its own domain controller in the basic domain. Then in the Proxy domain and network domain to build a one-way trust relationship between the. Proxy domain set? Trusted network domain, network domain, but do not trust Proxy domain, this setting will be better restricted in Proxy server and network domain access between all the other systems.

When the network is not set as a domain, this approach can be a very good effort. But compared to the work, the NT server running Proxy Server can be set to the basic domain of its own domain controller, which can provide better security control, and for the future expansion will be easier.

Proxy Server activity monitoring

Two basic methods: the first one of the most commonly used logging is a standard comma-separated text file, or through the ODBC driver to connect to SQL on. The second method is to monitor via SNMP. This requires NT SNMP service installed. The purpose of SNMP is distributed, and sometimes control data to a remote workstation in order to run on NT Server on the service can be monitored and controlled outside the local
n WinSock Proxy Logs: c: winntsystem32wsplogs

Proxy Server can record diary information to a text file, or through the ODBC driver, the information recorded in a data engine. Text log is a very simple process, but also allow network administrators to have a quick way to view the Proxy Server component on the events (Web Proxy and WinSock Proxy). Logs can be used to generate the day, week or month's report.

Text file records

By default, Proxy Server to log all the event information to a text file, the file exists the following areas:
n Web Proxy Logs: c: winntsystem32w3plogs
n WinSock Proxy Logs: c: winntsystem32wsplogs

Usually every day automatically create a new log file, you can change weekly or monthly. When using the log file reaches the specified size, it will build a new log file

In the Web Proxy and WinSock Proxy services in the property, there is a log table. Two services are the same table.

After the completion of a log file when its name is based on the current date. For example, the log file is December 5, 1996-built, log file name is: w3961205. Log files in two formats: regular and detailed, the conventional format of the log is short, do not include all of the data elements in detail log contains a complete data model for conventional logs.

Detailed log sample

The definition of data fields
In order to understand the contents of the log file, here is the log file in the definition of each field, its order and you see the same log file. Remember that Web Proxy and WinSock Proxy log file format is the same. Conventional log does not omit any data field, only to reduce some amount of information.

1. Client-IP (ClientIP): This field client to connect to the Proxy IP addresses. When the Web Proxy activation of a buffer task (to be connected to the external WEB to refresh the contents of the buffer), will own an entry to the log file records, this field data is the Web Proxy Server own IP.
2. Client user name (ClientUserName): If the Proxy client user name is known, it will show in this field. If you are an anonymous user, the value of this field is the "anonymous".
3. Client Agent (ClientAgent): This field is a proxy client to access Proxy server name. If the Web Proxy client, then the client application will connect the hair out of this information to the Web Proxy. If the WinSock Proxy client workstations on the WinSock client software will determine the actual name run through the control channel is passed to the WinSock Proxy. The field also contains important information about the guest operating system, the information agent name with a colon and separated. For Web Proxy clients, this information may be passed to the server in the connection in advance (or may not). For WinSock clients, this information is always passed through the WinSock client software to the server. An operating system to pass information from the Web Proxy client example: compatible; IE3; WIN95. Operating system information transmitted by a WinSock Proxy client looks like this: 2:4:0, which is code for Windows95. The following table is a WinSock Proxy log details the operating system code.


0:3.1 Windows 3.1
0:3.11 Windows for Workgroups
0:3.95 Windows 95 (connection made by a 16-bit client application.)
1:3.11 Windows for Workgroups (connection by a client using the Win32s extensions.)
2:4.0 Windows 95 (connection made by a 32-bit client.)
3:3.51 Windows NT 3.51
3:4.0 Windows NT 4.0


Web Proxy complete record of the field values of the sample is: Mozilla/2/0 (compatible; MSIE 3.0; Windows 95). WinSock Proxy complete record of the field values of the sample is: WS_FTP32.EXE: 2:4.0. Web Proxy records of the exact value of the field based on the client application sent in to do proxy connection to the Web Proxy header information to reflect those changes
4. Certification status (ClientAuthenticate): This field is a recognition that customers had connections, Y values on behalf of clients through the NT security database check.
5. Record date: Proxy Server to establish which record is the date
6. Record time (LogTime): Proxy Server to establish which records the time
7. Server name (ServerName): Logging in to the server name. When you select more log records, WspSrv behalf of WinSock Proxy, W3Proxy on behalf of Web Proxy. When choosing conventional logging, the field is two values, one on behalf of Web Proxy, 2 on behalf of WinSock Proxy.
8. Proxy Name: The NT servers running Proxy Server name. This is a NetBIOS name.
9. Submitted to the server name (Referring Server Name): This is the next in the current version is a reserved field. After the Proxy Server version will use it to save down the name of Proxy Server, the server is connected to the current Proxy Server. This mutual collaboration in a cascading Proxy server farm in a very useful
10. Objective Name (DestHost): This field is pointed out that the client connection through Proxy Server domain name. But not always the name of client connection requests, because the Internet to connect some sites automatically forwarded. If the information sent from the buffer (only the Web Proxy case), then the field is no content.
11. Purpose of IP address (DestHostIP): This field is saved customers through Proxy Server to connect the host IP address, the same as previous field, if given the information from the Web cache, the field is no content.
12. Destination port (DestHostPort): Proxy Server and the target site in the connection between the TCP / IP port. If no data is sent to the client, nor details of the field, the field is only used by the Web Proxy. WinSock Proxy No content in this field.
13. Processing time (ProcessingTime): Proxy Server for the client sending the message that it takes time (milliseconds). Once the proxy server result code received from the destination site, the clock stopped. If the information sent by the Web Proxy buffer in the field pointed out that the location information sent to the client how much time.
14. Send bytes (BytesSent): Proxy Server to send to the client in bytes. If there is no information to the client, this field may be empty. Only Web Proxy use of the field.
15. Receive bytes (BytesRecv): This field records Proxy Server from the client the number of bytes received. The size of the client the number of requests issued to Proxy. Like the previous one field, the field is only used by the Web Proxy. If the field in the Web Proxy log is empty, the client may not send data or do not provide size information.
16. Protocol name (Protocol): In the Web Proxy log, the contents of this field is: HTTP, FTP, Gopher, or Secure, according to the customer's agreement to use different. In the Winsock Proxy logs, the field is the number of client connections commonly used protocol (for example: SMTP connection of 110)
17. Transport: between the client and the Proxy Server using the transmission method. Web Proxy connection is always TCP. Winsock Proxy connection is TCP, UDP or IPX / SPX.

Usually every day automatically create a new log file, you can change weekly or monthly. When using the log file reaches the specified size, it will build a new log file

In the Web Proxy and WinSock Proxy services in the property, there is a log table. Two services are the same table.

After the completion of a log file when its name is based on the current date. For example, the log file is December 5, 1996-built, log file name is: w3961205. Log files in two formats: regular and detailed, the conventional format of the log is short, do not include all of the data elements in detail log contains a complete data model for conventional logs.

Detailed log sample

The definition of data fields
In order to understand the contents of the log file, here is the log file in the definition of each field, its order and you see the same log file. Remember that Web Proxy and WinSock Proxy log file format is the same. Conventional log does not omit any data field, only to reduce some amount of information.

1. Client-IP (ClientIP): This field client to connect to the Proxy IP addresses. When the Web Proxy activation of a buffer task (to be connected to the external WEB to refresh the contents of the buffer), will own an entry to the log file records, this field data is the Web Proxy Server own IP.
2. Client user name (ClientUserName): If the Proxy client user name is known, it will show in this field. If you are an anonymous user, the value of this field is the "anonymous".
3. Client Agent (ClientAgent): This field is a proxy client to access Proxy server name. If the Web Proxy client, then the client application will connect the hair out of this information to the Web Proxy. If the WinSock Proxy client workstations on the WinSock client software will determine the actual name run through the control channel is passed to the WinSock Proxy. The field also contains important information about the guest operating system, the information agent name with a colon and separated. For Web Proxy clients, this information may be passed to the server in the connection in advance (or may not). For WinSock clients, this information is always passed through the WinSock client software to the server. An operating system to pass information from the Web Proxy client example: compatible; IE3; WIN95. Operating system information transmitted by a WinSock Proxy client looks like this: 2:4:0, which is code for Windows95. The following table is a WinSock Proxy log details the operating system code.


0:3.1 Windows 3.1
0:3.11 Windows for Workgroups
0:3.95 Windows 95 (connection made by a 16-bit client application.)
1:3.11 Windows for Workgroups (connection by a client using the Win32s extensions.)
2:4.0 Windows 95 (connection made by a 32-bit client.)
3:3.51 Windows NT 3.51
3:4.0 Windows NT 4.0


Web Proxy complete record of the field values of the sample is: Mozilla/2/0 (compatible; MSIE 3.0; Windows 95). WinSock Proxy complete record of the field values of the sample is: WS_FTP32.EXE: 2:4.0. Web Proxy records of the exact value of the field based on the client application sent in to do proxy connection to the Web Proxy header information to reflect those changes
4. Certification status (ClientAuthenticate): This field is a recognition that customers had connections, Y values on behalf of clients through the NT security database check.
5. Record date: Proxy Server to establish which record is the date
6. Record time (LogTime): Proxy Server to establish which records the time
7. Server name (ServerName): Logging in to the server name. When you select more log records, WspSrv behalf of WinSock Proxy, W3Proxy on behalf of Web Proxy. When choosing conventional logging, the field is two values, one on behalf of Web Proxy, 2 representatives of WinSock Proxy.
8. Proxy Name: The NT server running Proxy Server name. This is a NetBIOS name.
18. Operation: Record transfusion Proxy Server implementation of the operation. Web Proxy to record GET, PUT, POST and HEAD. WinSock Proxy to record Connect, Accept, SendTo, RecvFrom and GetHostByName.
9. Submitted to the server name (Referring Server Name): This is the next in the current version is a reserved field. After the Proxy Server version will use it to save down the name of Proxy Server, the server is connected to the current Proxy Server. This mutual collaboration in a cascading Proxy server farm in a very useful
10. Objective Name (DestHost): This field is pointed out that the client connection through Proxy Server domain name. But not always the name of client connection requests, because the Internet to connect some sites automatically forwarded. If the information sent from the buffer (only the Web Proxy case), then the field is no content.
11. Purpose of IP address (DestHostIP): This field is saved customers through Proxy Server to connect the host IP address, the same as the previous field, if given the information from the Web cache, the field is no content.
12. Destination port (DestHostPort): Proxy Server and the target site in the connection between the TCP / IP port. If no data is sent to the client, nor details of the field, the field is only used by the Web Proxy. WinSock Proxy No content in this field.
19. Object name (Object Name): This field records the name of the object before the Web Proxy, WinSock Proxy log of the field is empty.
13. Processing time (ProcessingTime): Proxy Server for the client sending the message that it takes time (milliseconds). Once the proxy server result code received from the destination site, the clock stopped. If the information sent by the Web Proxy buffer in the field pointed out that the location information sent to the client how much time.
14. Send bytes (BytesSent): Proxy Server to send to the client in bytes. If there is no information to the client, this field may be empty. Only Web Proxy use of the field.
20. Object MIME: Web Proxy to use the field only. Records received by the MIME type of object. If the target server is not defined or not supported, this field will contain the following strings:
15. Receive bytes (BytesRecv): This field records Proxy Server from the client the number of bytes received. The size of the client the number of requests issued to Proxy. Like the previous one field, the field is only used by the Web Proxy. If the field in the Web Proxy log is empty, the client may not send data or do not provide size information.
MIME Type Definition
application / x-msdownload Application
16. Protocol name (Protocol): In the Web Proxy log, the contents of this field is: HTTP, FTP, Gopher, or Secure, according to the customer's agreement to use different. In the Winsock Proxy logs, the field is the number of client connections commonly used protocol (for example: SMTP connection of 110)
17. Transport: between the client and the Proxy Server using the transmission method. Web Proxy connection is always TCP. Winsock Proxy connection is TCP, UDP or IPX / SPX.
18. Operation: Record transfusion Proxy Server implementation of the operation. Web Proxy to record GET, PUT, POST and HEAD. WinSock Proxy to record Connect, Accept, SendTo, RecvFrom and GetHostByName.
image / gif GIF Image
image / jpeg JPG Image
19. Object name (Object Name): This field records the name of the object before the Web Proxy, WinSock Proxy log of the field is empty.
20. Object MIME: Web Proxy to use the field only. Records received by the MIME type of object. If the target server is not defined or not supported, this field will contain the following strings:
MIME Type Definition
application / x-msdownload Application
multipart / x-zip ZIP Archive
image / gif GIF Image
image / jpeg JPG Image
multipart / x-zip ZIP Archive
text / plain ASCII Text File
21. Object Source: Only Web Proxy, where the field comes from the record object. Recorded as follows:
n Field Value Definition
text / plain ASCII Text File
n Unknown Proxy Server could not determine where the object originated.
21. Object Source: Only Web Proxy, where the field comes from the record object. Recorded as follows:
n Cache Object found in cache.
n Field Value Definition
n Rcache Object found on Internet. Objects was added to cache.
n Vcache Object found in cache. Object was verified against target object on Internet.
n NVCache Object found in cache but could not be verified against target object on Internet. Object was still returned to client.
n VFInet Object found on Internet. Object could not be verifed against source.
n PragNoCacheInet Object found on Internet. HTTP header indicates that the object should not be cached.
n Inet Object found on Internet. Object was not added to the cache.
1. Result code (Result code): The field is connected to the Internet site to return the result code on the receipt of the object. The very wide range of field values, Web Proxy and the WinSock Proxy field in the record a different value. In the Web Proxy records where the value of less than 100 representatives of Windows error codes, between 100 and 1000 HTTP status code, the value of more than 10,000 are Wininet or WinSock error code. Web Proxy records of the three most common code is 200 (successful connection), 10060 (connection timeout), 10065 (does not meet the host). In the WinSock Proxy records, the value of this field is one of the following code:
Code Definition

n Unknown Proxy Server could not determine where the object originated.
n Cache Object found in cache.
n Rcache Object found on Internet. Objects was added to cache.
n Vcache Object found in cache. Object was verified against target object on Internet.
n NVCache Object found in cache but could not be verified against target object on Internet. Object was still returned to client.
n VFInet Object found on Internet. Object could not be verifed against source.
n PragNoCacheInet Object found on Internet. HTTP header indicates that the object should not be cached.
n Inet Object found on Internet. Object was not added to the cache.
1. Result code (Result code): The field is connected to the Internet site to return the result code on the receipt of the object. The very wide range of field values, Web Proxy and the WinSock Proxy field in the record a different value. In the Web Proxy records where the value of less than 100 representatives of Windows error codes, between 100 and 1000 HTTP status code, the value of more than 10,000 are Wininet or WinSock error code. Web Proxy records of the three most common code is 200 (successful connection), 10060 (connection timeout), 10065 (does not meet the host). In the WinSock Proxy records, the value of this field is one of the following code:
Code Definition

0 Successful Connection
1 Server Failure
2 Rejection by Proxy due to filtering
3 Network unreachable due to no DNS service available.
4 Host unreachable because no DNS entry could be found for the host.
5 Connection refused by target Internet site.
6 Unsupported client request (perhaps the client is using a non-compliant TCP / IP stack or the WinSock call is from a non-supported version.
7 Unsupported Address type.

0 Successful Connection
1 Server Failure
2 Rejection by Proxy due to filtering
3 Network unreachable due to no DNS service available.
4 Host unreachable because no DNS entry could be found for the host.
5 Connection refused by target Internet site.
6 Unsupported client request (perhaps the client is using a non-compliant TCP / IP stack or the WinSock call is from a non-supported version.
7 Unsupported Address type.

Detailed field and the general field
When you select a general record, some fields will be simple to use "-" to fill, detailed records will be recorded in front of the list of all known data. General log only records the following fields:
Client Computer IP
Client User Name
Authentication Status
Date Logged
Time Logged
Server Name
Destination Name
Destination Port
Protocol Name
Object Name
Detailed field and the general field
Object Source
Result Code

Reading log can sometimes be very confusing, because sometimes seems there is no record of the correct proxy server information. Most importantly, remember to keep the order of fields of Zhengque, and soon you could correctly understand their Le.



When you select a general record, some fields will be simple to use "-" to fill, detailed records will be recorded in front of the list of all known data. General log only records the following fields:
Client Computer IP

Client User Name
Authentication Status
Date Logged
Time Logged
Server Name
Destination Name
Destination Port
Protocol Name
Object Name
Object Source
Result Code

Reading log can sometimes be very confusing, because sometimes seems there is no record of the correct proxy server information. Most importantly, remember to keep the field in the correct order, and soon you will be able to correctly understand them anymore.








相关链接:



Daniusoft AAC Music Converter



Youtube FLV to Printers Platinum



Infomation Audio Players



ITunes Converter



mp4 Converter free download



Bluesea DVD to WMV



Audio file converter



Blue Cat''s Remote Control



video format for PS3



Mov to avi converter free



Youtube FLV to FLV Guide



Wizard Benchmarking



Yaease Flash To Video Studio



Top Compilers And Interpreters



No comments:

Post a Comment