RE: [squid-users] public squid proxy from James Zuelow on 2010-06-04 (squid-users)

From: James Zuelow <James_Zuelow_at_ci.juneau.ak.us>
Date: Fri, 4 Jun 2010 08:18:43 -0800

Prashant K.S <mailto:ksprashant_at_yahoo.com> scribbled on Thursday, June 03, 2010 5:43 PM:

> Hi Henrik,
>
> I have a NTLM client which I have to test against a squid proxy.
>
> Regards,
> Prashant
>
>

Prashant:

For you to test against a public proxy with NTLM, the operator would have to give you domain credentials to use so you could test a successful authentication. You would also need permission to see the server logs. You couldn't just point your client at a random NTLM proxy and test.

It's best to have all of the pieces of your test under your control. It wouldn't be difficult or very expensive.

Get an evaluation version of a recent Windows Server offering. Evaluation versions are easy to find, and typically come wrapped with handy documentation. For example [1] and [2] will both provide an eval version.

Install it on a virtual machine and create a domain. For a simple domain controller you won't need a very powerful virtual machine.

Install squid on a second virtual machine and point it at your domain. Again, this squid instance (together with any Samba components you need) will not need a lot of resources if you're just testing authentication.

Test away.

You could put the virtual Windows server and the virtual squid proxy on a single PC running something like VirtualBox. I would try to get at least 2GB of RAM for the PC, but you could probably scrape by with less if you don't have that much available. Remember that Microsoft will suggest a certain amount of memory for their server products but in your case you are just performing domain authentication for tests so you could get away with much less than their recommendations.

Bonus: You'll learn a lot more about how all the pieces fit together as you test than if you just borrow someone else's infrastructure. If you decide NTLM is old and want to try Kerberos, you already have all the bits in place and can modify your client accordingly.

Cheers,

James

[1] http://www.amazon.com/MCITP-Self-Paced-Training-Exam-70-646/dp/0735625107/
[2] http://www.amazon.com/MCTS-Self-Paced-Training-Exam-70-640/dp/0735625131/
Received on Fri Jun 04 2010 - 16:18:50 MDT

This archive was generated by hypermail 2.2.0 : Tue Jun 08 2010 - 12:00:05 MDT