Workshops & Trainings

Upcoming Workshop / Event Detials
mission

Workshop Details


Workshop Name:
Comprehensive Course on Linux OS & Security: Week 2: Safe & Monitored Internet Browsing on CentOS
Core Setup & Configuration, Advanced Security, Performance Optimization & Monitoring

Organized By:
National Centre for Cyber Security - Air University, Islamabad

Date:
2nd May- 4th May, 2025

Duration:
3 Days (20 Hours - Friday, Saturday, Sunday)

Mode of Training:
On-site

Targeted Audience:
IT Professionals and Students

Payment Category:
Paid

For Professional:
PKR 25,000

For Students:
PKR 6,000 (Air University), PKR 8,000 (Other Universities)

Entertainment:
Lunch with two Tea Breaks per day (Saturday & Sunday)

Technical Content to be Covered:



Introduction & Squid Proxy Server Setup

  • Understanding Web Security & Threats
    • Common risks: Malware, Phishing, Unauthorized Access
    • Proxy vs Firewall vs IDS/IPS
  • Installing & Configuring Squid Proxy on CentOS
    • Installation and basic configuration (squid.conf)
    • Setting up a Transparent Proxy
    • Authentication Methods (LDAP, NTLM, Kerberos, Local Users)
  • Managing Web Traffic with ACLs (Access Control Lists)
    • Creating rules for Allow/Deny policies
    • Time-based and User-based ACLs

Content Filtering & Security Enforcement

  • Blocking & Filtering Web Content with SquidGuard
    • Installing and configuring SquidGuard
    • Creating custom blocklists (Porn, Gambling, Social Media, etc.)
    • Whitelisting & Blacklisting Domains
  • Integrating Squid with ClamAV for Antivirus Protection
    • Scanning HTTP traffic for malware
    • Blocking malicious downloads
  • Enhancing Security with iptables & Firewall Rules
    • Restricting unauthorized access
    • Limiting direct internet access for internal users

Bandwidth Management & SSL Interception

  • Bandwidth Optimization with Delay Pools
    • Setting limits for different users/groups
    • Prioritizing critical business traffic
  • SSL-Bump (HTTPS Interception)
    • Understanding HTTPS proxy challenges
    • Configuring Squid for SSL decryption
    • Bypassing decryption for banking & sensitive sites
  • Preventing Proxy Bypass & Secure Traffic Flow
    • Restricting direct access to external DNS
    • Forcing all internet traffic through Squid

Advanced Logging, Monitoring & Reporting

  • Real-time Web Usage Monitoring
    • Configuring Squid Logs (access.log, cache.log)
    • Analyzing logs with SquidAnalyzer & SARG
  • Generating Usage Reports for Policy Enforcement
    • Tracking user activity
    • Sending automated reports to administrators

Security Hardening, Performance Optimization & Incident Response

  • Securing Squid Proxy from Attacks
    • Preventing DoS Attacks
    • Locking down configuration files
  • Performance Tuning & Caching Optimization
    • Fine-tuning memory and disk cache
    • Optimizing for high traffic environments
  • Incident Response & Policy Enforcement
    • Detecting and mitigating security breaches
    • Enforcing company security policies
Hands-On Lab Setup
• Environment: CentOS-based Virtual Machines (VMs)
• Tools Used: Squid, SquidGuard, ClamAV, iptables, SARG, Delay Pools, SSL-Bump

Key Takeaways:


✔️ Set up and configure Squid Proxy for secure internet access
✔️ Implement content filtering with SquidGuard
✔️ Protect users with antivirus scanning for web traffic
✔️ Control bandwidth usage using delay pools
✔️ Secure HTTPS traffic with SSL-Bump
✔️ Monitor and log internet activity with SARG
✔️ Harden Squid Proxy against security threats

Registration

Registration:
"Register Yourself"