Geek Answers Handbook

How to create a local web proxy without configuring browsers

How do Netnanny or k9 Web Protection configure web proxies without configuring browsers? How can I do that?

+6
installation
source share
7 answers

Use WinSock directly or at NDIS or the level of the hardware driver and then filter at these levels, like any firewalls. NDIS is an easy way.

Download this ISO image: http://www.microsoft.com/downloads/en/confirmation.aspx?displaylang=en&FamilyID=36a2630f-5d56-43b5-b996-7633f2ec14ff
He has many samples and tools to help you build what you want. After installing or burning to a CD and installing it, go to this folder: c:\WinDDK\7600.16385.1\src\network\ndis\

+6
source share

I think you need a transparent proxy server that supports WCCP.

Take a look at the Caching FAQ

And Wikipedia Entries for WCCP

With this setting, you just need to do some firewall configuration, and all your web traffic will be handled by a transparent proxy. And no configuration is required in your browser.

+2
source share

netnanny is not a proxy. It is tied to the host machine and browser (and, possibly, to other applications, and then filters all incoming and outgoing β€œcontent” from the machine / application.

In essence, Netnanny is a content management system compared to a destination management system (proxy).

The easiest way to redirect all traffic to a specific site to another address is to change the hosts file on the local host

+1
source share

You might want to read the explanation here: http://www.fiddlertool.com/fiddler/help/hookup.asp

This is how Fiddler2 achieves the insertion of a proxy between most applications and the Internet without changing applications (although there are many explanations on how to disable the default setting). This does not answer how NetNanny / K9, etc. works, as noted above, they do a little more and can be a little more intrusive.

+1
source share

I believe you are looking for BrowserHelperObjects . These little gizmos capture all the connection with the browser and as such can either remove ads from HTML (good thing), or redirect every second click to the spam site (bad thing), or just grab every URL you type and send it home, like all WebToolBars.

+1
source share

What you want to do is route all outgoing HTTP requests from your lan through a reverse proxy (e.g. squid ). This is a transparent web proxy setting .

There are various ways to do this, although I just installed it with OpenBSD and Linux; and using squid as a reverse proxy.

At a high level, you have a firewall with rules for sending all HTTP traffic related to external traffic to the local squid server. The squid server is configured to:

  • accept all http requests
  • redirects requests to real external hosts
  • cache response
  • send the response back to the requestor on the local LAN

You can then add more detailed rules to squid to control access to websites, filter content, etc.

I am sure that you can also get this functionality in different network devices. I am sure F5 has some products that do some or all of what I described, and probably Cisco. There may be other proxies besides squid that you can also use.

PS. I have no idea how K9 Web Protection or NetNanny works.

+1
source share

Squid can provide an interception proxy for the HTTP and HTTP ports, without configuring browsers, and also supports WCCP.

0
source share

More articles:


All Articles