URL & Content Filtering with ezProxy

Status
Not open for further replies.

Law


Official home page @ http://www.lavasoftware.net/en/content/ezproxy/overview.htm

What is ezProxy?

ezProxy is an application layer firewall that allows multiple users on a LAN to access the Internet via a single shared connection, while protecting the valuable information on the network with the integrated proxy server/firewall.

What is this guide about?
This guide will help home users set up basic URL & content filtering using the free version of ezProxy. It focuses mainly on the firewall features but won't delve into many of the other features that come with ezProxy. Parents who would like to know how to filter web sites can follow this guide.

Introduction
ezProxy is an application layer firewall, which means it has to run on an operating system like Windows. Let's download it: you can get the latest version at the official homepage or at Softpedia @ http://www.softpedia.com/get/Internet/Servers/Proxy-Servers/ezProxy.shtml

Because I find the homepage to be quite slow to navigate, I suggest getting it at Softpedia or another website. The latest version is 2.7.2, built on 20061126 (November 11, 2006), as of this writing.

Installing
For home users, it is better to install the proxy server on the computer we would like to filter. Why? Because it's much more effective than using a centralized computer. Business users who have a lot of computers will find that installing the proxy server on a single centralized computer makes their administrative job a lot easier, but it requires that single computer to always be on. Home users will find it easier to install it on the computer being filtered, because there's really no single computer that is always on, and it doesn't require making any changes to your current network. Hopefully you have administrative privileges on the computer you'll be installing it on.

I'll be using my scenario to guide you through this process. I have two computers, let's say ComputerA and ComputerB. I want to filter ComputerB, so I'm going to install ezProxy on ComputerB.

Go ahead and unzip the file you just downloaded. A folder called ezproxy will be extracted. There should be a setup.exe file; click on that to begin the installation.

Click Next on the Welcome screen, click Yes to accept the license agreement, and click Next to accept the default destination folder. The setup should install and finish configuring the application. Click Yes when it asks to start ezProxy after installation. Then click OK to exit.

The ezProxy Manager login prompt appears. Enter the default password of 1234 (you can change this later). The Proxy Wizard then appears. Click Next on “Check TCP/IP network”, then click Next on “Connecting to the Internet” (because we’re not using this feature). On “Add WWW proxy service”, make sure “Any address (0.0.0.0)” is checked and the default port is 8000, then click Next. Click Next on “ADD Mail proxy service”, click Next again, then click Finish.

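Click on System>Option. Select Remote Control. Under Binding Address & Port, select 0.0.0.0 for Address and leave the default port at 7532. Binding to 0.0.0.0 makes the remote control service listen on every network interface, which is what allows another computer to manage it later. Click OK to save and exit.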

You can change the password if you want. Click System>Change Password. The old password is 1234. Enter a new password. Click OK to save and exit.

Now click File>Exit. The green ezProxy tray icon is still there, but we would like to configure ezProxy from another computer, the stealthy way. Right-click on that green icon and select Exit. That's just the application manager; exiting it doesn't mean the service is disabled.

Let's make it stealthier by hiding it from the users. Go to the Start menu, select Run and type in services.msc

Locate ezProxy and notice that its startup type is set to Manual. We want it to start up automatically. Double-click on it and, for the startup type, select Automatic. Click OK to apply the change and exit.

We aren’t done yet. Go back to the Start menu and select All Programs (or Programs if you’re on 2000). Notice the listing for ezProxy; right-click on it and delete it. A message appears stating “Modifying this folder will affect all users who log on to this computer. Do you want to continue?” Select Yes.

We aren't done just yet. Do you remember where you installed ezProxy? The default installation should be located in C:\Program Files\Lavasoft, where you'll see the folder ezProxy. Right-click on it and select Properties. Under Attributes, check Hidden. Click OK; a box will pop up, click OK on that as well.

Configure their browser.

For IE, go to Control Panel>Internet Options. Select the Connections tab, then select LAN settings. Check “Use a proxy server for your LAN…..” and make sure “Bypass proxy server for local addresses” is checked. Click on the Advanced button. For HTTP, put in 127.0.0.1 and 8000 for the port. Check “Use the same proxy server for all protocols”. Click OK to finish and exit.

For Firefox 2.0, go to Options>Advanced>Network>Settings. Check “Manual proxy configuration” and put in 127.0.0.1 for the HTTP Proxy and 8000 for the port. Check “Use this proxy server for all protocols”. Click OK to save and exit.

Make sure you have a copy of ezProxy, or you can always download it again. Delete the ezProxy installation file you downloaded to the computer so that no one will find out. Now all you have to do is restart the computer. Log back in, open a command prompt (Start>Run>cmd) and type netstat -an

Notice that ezProxy is running: the entry TCP 0.0.0.0:8000 shows it's listening for connections. The following entry, TCP 0.0.0.0:7532, indicates the remote management port it's listening on. Now we are done with ComputerB, or whichever computer you're trying to filter. Notice that there's basically no indication it was installed, unless the user is smart enough to unhide the hidden files and folders and look at the running services.

Now, while you're still at the command prompt, type in ipconfig /all and write down the Host Name and IP address.

Host names are important: if the IP address changes on the computer, the host name always stays the same (unless you change it yourself).

Managing it from a remote computer.
This part is much more fun: you'll get the ability to manage the proxy server from a remote machine, giving you the stealth ability to do what you want without having to intrude on their computer while they're using it.

First you'll have to install it on your machine, but you won't be using the proxy itself. You'll just be using the manager to connect remotely. Remember my scenario: I had 2 computers, ComputerA and ComputerB. I installed the proxy server on ComputerB because I'm going to be filtering it. ComputerA will be my management console.

So now I install ezProxy on ComputerA.

Go ahead and unzip the file you just downloaded. A folder called ezproxy will be extracted. There should be a setup.exe file; click on that to begin the installation.

Click Next on the Welcome screen, click Yes to accept the license agreement, and click Next to accept the default destination folder. The setup should install and finish configuring the application. Click Yes when it asks to start ezProxy after installation. Then click OK to exit.

The ezProxy Manager login prompt appears. Now all you have to do is enter the IP address or host name and the password of the other computer where you installed the proxy server.

You'll be connected to it.

Start filtering.
Here's where the fun begins. Let's start creating rules and filters to permit or deny web sites that we don't like. For my first scenario, I'll create a rule to deny myspace.com and permit the rest.

On your left you’ll see a little box; that’s your workspace. If you don’t see it, click View>Workspace. Now click on the Policy tab (the little pink book). Right-click on the book and select “Add Policy”. I’ll call my Policy Name “Restricted Sites”, give it a short description, “These websites have been block for ComputerB”, and under “If match the policy, Then” I will choose forbid. Click OK. You’ll now have a green book under the pink one; that’s your newly created policy. Right-click on that green book. Notice the selection called “Valid Time”; I’ll get to that later, but for now select Rules. A box appears. Right-click on the pink book and select “Add OR”, then right-click on “Add OR” and select “Add Rule”. I’ll name my rule “myspace.com”. In the leftmost box, click the drop-down menu and select URL. In the middle box, select “contain”, and in the rightmost box, put in myspace.com or whatever site you are blocking. Click OK to save, then click OK again to save and exit.

We aren’t done yet: you have to add that policy to the www service. Back in your workspace, click on the Service tab. Notice that under Service is the www service. Right-click on it and select Properties. Click on the Policy tab. Click Add and select the policy you created. Click OK. Where it says “If not match any policies, the connection is”, I want to select Permitted, because I’m denying myspace.com but permitting the rest. Don’t leave yet: click on the Security tab and notice the features that let you block Java and pop-ups, and also filter on the content of sites using a content file you specify. Pretty neat stuff. Just click OK for now.

Your rules should now be in place. Go ahead and test it out on the other machine: try to go to the website you restricted. If you did it correctly, the webpage will not load.

Valid Time.
Remember the Valid Time option you saw when you right-clicked on the policy? This feature determines when the rules take effect. Go to the Policy tab in your workspace, right-click on your created policy and select Valid Time. A box appears; all of its cells are blue because this policy is active 24/7. You can set when the policy applies using this feature.

So have fun with it. Oh, did I mention this software is free? Take a look at the help file; this software gives you many features you can take advantage of beyond URL filtering: you can share a single Internet connection, turn it into a caching-only server, use it as a firewall, and much more.
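The `netstat -an` check from the guide, as an added example that is not part of the original post: it parses netstat output and reports, for the two ports the guide configures (8000 and 7532), whether each is listening and whether the bind address is loopback-only or reachable from the network. The sample output is constructed, and the status labels are this example's own.

```python
import re

# Constructed sample of `netstat -an` output (not captured from a real machine).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:7532           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1045         127.0.0.1:8000         ESTABLISHED
  UDP    0.0.0.0:445            *:*
"""

# Ports taken from the guide: WWW proxy service and remote control.
EZPROXY_PORTS = {8000: "WWW proxy", 7532: "remote control"}

# Only TCP sockets in LISTENING state; the address is split at the last colon.
LINE_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s*$")

def ezproxy_listeners(netstat_text):
    """Return {port: [bind addresses]} for the guide's ports found listening."""
    found = {}
    for line in netstat_text.splitlines():
        m = LINE_RE.match(line)
        if m and int(m.group(2)) in EZPROXY_PORTS:
            found.setdefault(int(m.group(2)), []).append(m.group(1))
    return found

def report(netstat_text):
    """Classify each expected port by how widely it is bound."""
    found = ezproxy_listeners(netstat_text)
    result = {}
    for port in EZPROXY_PORTS:
        addrs = found.get(port, [])
        if not addrs:
            result[port] = "not listening"
        elif all(a.startswith("127.") for a in addrs):
            result[port] = "loopback only"
        else:
            # 0.0.0.0 or a LAN address: other machines can connect to it.
            result[port] = "network-reachable"
    return result

if __name__ == "__main__":
    for port, status in report(SAMPLE_NETSTAT).items():
        print(f"{EZPROXY_PORTS[port]} (TCP {port}): {status}")
```

With the guide's settings both ports report as network-reachable; the browsers are pointed at 127.0.0.1:8000, so only the remote control port (7532) has to accept connections from another machine.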
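How the “Restricted Sites” policy from the guide decides a request, as an added example that is not part of the original post and not ezProxy's own code: a simplified model of a forbid policy with a URL “contain” rule, a Valid Time window and the “permitted” default. The case-insensitive matching and the stricter `host_is` operator are assumptions introduced here to show where a substring rule also blocks unrelated pages.

```python
from urllib.parse import urlsplit

# Simplified model of the guide's setup (assumption, not ezProxy internals):
# a policy holds OR-ed rules; the first matching policy decides, otherwise
# the service default ("If not match any policies") applies.
RESTRICTED = {
    "name": "Restricted Sites",
    "action": "forbid",
    "rules": [("URL", "contain", "myspace.com")],  # rule from the guide
    "valid_hours": set(range(24)),                 # all cells blue = 24/7
}
# Hypothetical variant: match on the host name instead of a substring.
STRICT = dict(RESTRICTED, rules=[("URL", "host_is", "myspace.com")])
# Variant with a Valid Time window of 08:00-17:59 (constructed).
DAYTIME = dict(RESTRICTED, valid_hours=set(range(8, 18)))

def rule_matches(rule, url):
    field, op, value = rule
    if field != "URL":
        raise ValueError(f"unsupported field: {field}")
    url, value = url.lower(), value.lower()  # assumption: case-insensitive
    if op == "contain":
        return value in url                  # substring anywhere in the URL
    if op == "host_is":                      # hypothetical stricter operator
        host = urlsplit(url).hostname or ""
        return host == value or host.endswith("." + value)
    raise ValueError(f"unsupported operator: {op}")

def decide(url, hour, policies, default="permit"):
    """Return the action for a request made at the given hour (0-23)."""
    for policy in policies:
        in_window = hour in policy["valid_hours"]
        if in_window and any(rule_matches(r, url) for r in policy["rules"]):
            return policy["action"]
    return default

def compare(url, hour=12):
    """Decision under the guide's 'contain' rule vs. the host-only variant."""
    return decide(url, hour, [RESTRICTED]), decide(url, hour, [STRICT])

if __name__ == "__main__":
    for u in ("http://www.myspace.com/profile",
              "http://example.com/search?q=myspace.com",
              "http://example.org/"):
        print(u, compare(u))
```

The second URL is forbidden by the “contain” rule even though its host is unrelated, which is the over-blocking to expect from substring rules.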
 