| Soren Aalto on Tue, 3 Apr 2001 12:05:55 +0200 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| RE: GLUG: Caching Server |
> > Do you perhaps know which of the two would be the most secure. I'm not sure what security you mean...probably Border Manager would be because: -- it's hard to maintain remotely (can you do a remote login to the BM box and actually admin the proxy over a low speed connection? I do this all the time with squid -- I think that one of the reasons I like to stick with Unix is that I have saved myself about a billion after hours trips to campus by owning a modem). -- I think that both Novell and MS caches can do user authentication based on the authentication scheme in force (NDS or SMB PDC) and so avoid HTTP proxy authentication. This, however, limits you to machines running the appropriate NDS/Windows client. Squid lets you plug in any helper program you want to do user authentication (I'm using a program that uses PAM to do the authentication for our students against shadow passwords at the moment). But I dunno if you can actually get squid to use an authentication scheme that doesn't use the HTTP authentication dialog in your browser...I suspect this would require changes to squid. But as a drop-in appliance, squid can be made perfectly secure -- provide only access through ssh for admin purposes. -- Soren Aalto <soren@xxxxxxxxxxxxxxx> Internet guy, University of Zululand If Bill Gates had a nickel for every time Windows crashed...oh wait, he does.