Analysis and Implementation of Microsoft Proxy Service System

Abstract: Based on practical application development experience, this article introduces the Microsoft Proxy service system and its implementation process in detail. Deeply analyzes the system's working mechanism. This allows you to correctly understand and understand the Microsoft Proxy service system when creating and maintaining an Intranet or local area network proxy system and effectively implement it.

Keyword: Proxy server Internet Proxy network in Intranet or some local networks, using Microsoft Proxy service system enables LAN users to access the Internet through a Proxy server, which saves the IP address, it also saves on connecting devices. In terms of internal information security, the proxy system can deny external Internet users to access Intranet network resources. Especially in a firewall system, the proxy server runs on the firewall to effectively implement internal and external information exchange. In terms of performance, it is almost the same as accessing the Internet with this workstation. It supports any Internet client application and provides various Internet services. Therefore, the proxy service system is a cost-effective connection solution.

1. Microsoft Proxy Server Operating Mechanism Microsoft Proxy Server is a powerful system, which includes the Web Proxy Server, Winsock Proxy Server, and Socks Proxy Server. The Web Proxy Server is compatible with the CREN communication standard and consists of a filter and an application. It is combined with the IIS Web server to receive service requests from the client through port TCP80. The filter determines whether the received HTTP request is in the proxy format or standard format. If it is in the standard format, it is handled by the local WWW server. If it is in the proxy format, it is handled by the proxy application. The proxy application first looks for the data in the proxy cache. If the data already exists and TTL is still valid, the data is retrieved from the cache. If no data exists, connect to the remote target server, and obtain data. Whether the proxy server obtains information from the cache or from an Internet remote server, it sends the information to the requester through the HTTP protocol on port 80. Winsock Proxy intercepts Winsock calls of the application to complete customer requests. Therefore, you must install the Winsock Proxy client software on the client to update the original Winsock dynamic link library of the client. Once an Internet application sends a Winsock call to a New Dynamic Linked database, it will communicate with the Winsock Proxy server on port 1745. The Winsock Proxy Server first searches for the target address in the local address table. If the target address exists, it is submitted to the original Winsock dynamic link library on the client for local request processing. Otherwise, it is redirected to the Microsoft Proxy Server, connect to the external network. Sock Proxy supports the SOCK4.3a protocol. The application system accesses the Internet through the SOCKS interface library and implements Proxy for TCP/IP, FTP, Telnet, and Gopher services. In general, the Proxy server mainly intercepts all Internet requests from users, and then replaces them with the Proxy server to obtain information from the target website and then pass the results back to the user host. In practical applications, you can choose to run one or two Proxy servers. It is worth mentioning that the last two Proxy servers do not provide the high-speed cache function.

2. Implementation of the Microsoft Proxy service system.
1. A typical Intranet proxy system can be expressed as follows: NT4, DNS, IIS, FTP, mail server, RAS, WINS, iis bbs news server proxy server ROUTERor modeminternetswitch hub ws in this system, the hardware part uses the high-speed port of the exchange hub to connect to the server, the client is connected to the multi-level hub through a common port, and the remote part is connected through the modem and telephone line or router and leased line. The software uses NT4.0, IIS, NETSCAPE Mail Server2.0, Netscape News Server2.01, and Microsoft Proxy Server2.0. The system can implement proxy for domestic and foreign websites or foreign websites only.

2. software installation and configuration
(1) software installation Web server: Install NT4.0, DNS, and IIS in sequence.

Proxy Server: Install NT4.0 and Service Pack3 for nt4.0rasras, run msp.exe to install Microsoft Proxy Server2.0, and generate the shared directory MSPclnt.

Mail and newsgroup servers: Install NT4.0, NETSCAPE Mail Server2.0, and Netscape News Server2.01 in sequence.

Client: Install Windows95, NETSCAPE communictor4.03, open the mspclntdirectory on the proxy server, run the setup.exe file, and install the agent client software.

(2) Open the "Start" button for Proxy Server configuration --> "program" --> "Microsoft Proxy Server" --> "Internet ServiceManager". The Server management window appears, double-click the Web, Winsock, and Socks Proxy Server names to enter the Configuration window. The service item contains four sub-items:

Packet Filter: sets whether to control IP packets sent from external networks to prevent illegal intrusion.

Security Domain Filters: sets personal computers, working groups, and domains that are not allowed to be accessed. Alerting: warns of suspicious data groups and sends administrative staff emails or records in NT Event Logs.

Configuration: Set the service and dial-up schedule to be dialing.

Auto DialCredential: Enter the name, user name, and password of the dial-up network.

Client configuration: sets the proxy server name or IP address, whether to automatically configure the Client browser, whether to access the Web site in the LAN through proxy without the Client IP address and domain name. Direct access without the IP address of the proxy.

Local Address Table: Enter the IP Address range of the Local network to distinguish the Internet IP Address.

Permissions items: Set the proxy user and access Permissions for each service item, such as FTP and WWW.

Caching item: Set the cache size. The protocol uses the cache to only save the information of those sites and the retention time.

Routing item: set the first proxy server, and whether to directly send data to the Internet or to the next proxy server.

Publishing item: Set the Web server name, path, and URL address for the published webpage.

(3) Run NETSCAPE Communictor4.03 in client configuration --> "edit" --> "Preferences" --> "advanced" --> "Proxy Server". If you select "manually configure Proxy Server ", click "View" and enter the proxy server address and port number. If you select "auto configure Proxy Server", enter the URL that provides the configuration file, and click "reload ".

3. Improve the efficiency of the proxy service system. Compared with the LAN, the remote network transmission speed is much slower. LAN users access the Internet through proxy services and one line, as the number of Internet users and information traffic increases, the proxy server may have a large workload, which requires improving the performance of the proxy server to effectively process internal and external network communications, it will not cause congestion or slow speed. To this end, the following countermeasures can be used. First, use a high-end microcomputer to reduce the CPU front-end running time, such as removing screen protection functions without running other applications. Second, remove other services from the proxy server, for example, DHCP service and Workstation Service. Third, set a large cache area so that the client can obtain data from the cache area as much as possible. Fourth, correctly configure the proxy system, the system runs securely and efficiently. Fifth, multiple proxy servers are used to evenly distribute network users.

The optimized system can process connections of dozens or hundreds of users.