This page is dedicated to our efforts of creating a transparent proxy solution portable accross several operating systems.
A proxy is a server-like program, receiving requests from clients, forwarding those requests to the real server on behalf of the user, and returning the response as it arrives.
Proxies read and parse the application protocol, and reject invalid traffic. So using proxies on a firewall to mediate requests means higher level of security, than packet filtering firewalls.
Simple, non-transparent proxying is somewhat difficult to manage and administer since each client program must be set up to use proxies.
To simplify management tasks of clients sitting behind proxy firewalls, the technique ‘transparent proxying’ was invented. Transparent proxying means that the presence of the proxy is invisible to the user. Transparent proxying however requires kernel support.
Real transparent proxying requires the following three features from the IP stack of the computer it is running on:
Item #1 is usually provided by packet filtering packages like Netfilter/IPTables, IPFilter.
All three were provided in Linux kernels 2.2.x, but support for this was removed.
A mailing list has been created for TPROXY related discussions. You can find it at https://lists.balabit.hu/mailman/listinfo/tproxy.
With 2017 now done and dusted, it’s time to think ...
Like many years before it, 2017 has seen a large ...
This is a guest post by Adrian Asher, CISO at London ...
“The [Balabit] solution’s strongest points are the privileged session management, recording and search, and applying policy filters to apps and commands typed by administrators on monitored sessions.”
– The Forrester Wave, Privileged Identity Management, Q3 2016, by Andras Cser