Since the IPv4 address pool ran dry this month I decided it was high time I started practicing what I've been preaching for these last seven years and get DinkNet ready for World IPv6 Day on June 8th. Having dealt with the brain-dead technical support folks at my ISP too many times (once) in the past, I knew that wasn't the route to go, so I logged on to Hurricane Electric's IPv6 tunnelbroker site and signed up.
Now, all the boxes on my wired network have globally routeable IPv6 addresses.
No more stinking NAT.
All my IPv6 traffic leaves the DinkNet wrapped in my ISP's IPv4 packets (6in4, not 6to4) and travels to Hurricane's IPv6 NOC in California, from which it goes wherever on the world wide IPv6 network, and back again.
Unfortunately I'm stuck on this end with some IPv4-only junk that's gotta go. The proxy, SQUID 2.x, doesn't do IPv6. My wireless access point (not a wireless router) is a dinosaur. My DNS, on Windows 2003, isn't going to hack it, which is yet another nail in the Windows coffin I've been constructing.
Luckily, upgrading SQUID to 3.1.11 fixed the other two problems. Wireless IPv4 clients can get IPv6 content just by using the proxy and since it does the DNS lookups on behalf of the clients that fixes the Windows DNS problem. IPv6-only clients can get IPv4 content as well.
And, with the addition of an IPv6 router advertising daemon (radvd), DHCP and all its headaches are out the fucking door, baby! All the IPv6-aware clients, including kludgy old Windows XP, self-configure and pick up their own globally-routable IPv6 addresses.
World IPv6 Day, get ready for Hinky!
Showing posts with label SQUID. Show all posts
Showing posts with label SQUID. Show all posts
Wednesday, February 23, 2011
Monday, September 03, 2007
SOCKS Fucking
The updates went well. There were no issues at all. I got out of bed at around 6:15AM and no one was on either server, so I nailed it.
I spent most of the rest of the morning on my current project, fucking around with anonymous SOCKS proxy servers. Several weeks ago I ran across sockcheck.c and started hacking away at it.
Proxies have been the bane of my existence for the last ten years. It started when the company I used to consult for sent me to a class on Microsoft Proxy Server 1.0. After that, proxy servers became my problem.
1.0 was a piece of crap that was soon replaced by Proxy 2.0. Proxy 2.0 was yet another a piece of dookie until Microsoft rewrote the whole damned turd pile and decided to call it Microsoft Internet Security and Acceleration Server 2000 (or ISA Server 2000, as we poor IT folk know it).
Of course that was a piece of shit as well and was replaced four years later by ISA Server 2004.
And continuing their anal expulsive tradition last year Microsoft shat out ISA Server 2006. At the moment the next version is just now beginning to poke its little turtle head out of Microsoft's ass and will be delivered, complete with a new name (which escapes me at the moment) sometime in '08.
While Microsoft was exercising its bowels over the years I spread out, transferring my mad proxy skillz to SQUID, Dante, and mod_proxy for Apache.
Except for Dante, all these products are variations on the original CERN http proxy. That is, they are basically Web servers that take http and ftp requests for other Web servers. Those requests are stored (cached) to disk and wait to be fetched by the next user, who hopefully experiences a faster retrieval time since the request is served locally.
Dante is a SOCKS server. SOCKS servers don't typically cache Web requests and can proxy much, much more than http and ftp. The catch is the client program must know how to deal with a SOCKS proxy server. This must be built in to the software itself or additional software needs to be used in order to socksify the client program.
Unfortunately, 99% of Web traffic (that isn't SPAM) is http. As a result SOCKS servers tended to fall out of style outside of their traditional Unix environments.
But they persisted for years. In fact in the '90s anonymous SOCKS proxies were a bit of a problem, since they were used to distribute SPAM. This problem was so bad most major ISPs went on a search & destroy mission to eradicate them. And they did a fairly good job.
They still exist, but most won't proxy SMTP mail anymore. No matter, the SPAMmers have gone on to bigger and better things.
If you like anonymity and you don't like having your IP address known, SOCKS proxies are the way to go. Problem is, they are hard to find. Once found, they need to be tested.
And that's what got me interested in sockcheck.c.
I have been collecting SOCKS IP addresses and I've learned some interesting things I will be sharing with you about the state of anonymous SOCKS proxies in the 21st century.
I spent most of the rest of the morning on my current project, fucking around with anonymous SOCKS proxy servers. Several weeks ago I ran across sockcheck.c and started hacking away at it.
Proxies have been the bane of my existence for the last ten years. It started when the company I used to consult for sent me to a class on Microsoft Proxy Server 1.0. After that, proxy servers became my problem.
1.0 was a piece of crap that was soon replaced by Proxy 2.0. Proxy 2.0 was yet another a piece of dookie until Microsoft rewrote the whole damned turd pile and decided to call it Microsoft Internet Security and Acceleration Server 2000 (or ISA Server 2000, as we poor IT folk know it).
Of course that was a piece of shit as well and was replaced four years later by ISA Server 2004.
And continuing their anal expulsive tradition last year Microsoft shat out ISA Server 2006. At the moment the next version is just now beginning to poke its little turtle head out of Microsoft's ass and will be delivered, complete with a new name (which escapes me at the moment) sometime in '08.
While Microsoft was exercising its bowels over the years I spread out, transferring my mad proxy skillz to SQUID, Dante, and mod_proxy for Apache.
Except for Dante, all these products are variations on the original CERN http proxy. That is, they are basically Web servers that take http and ftp requests for other Web servers. Those requests are stored (cached) to disk and wait to be fetched by the next user, who hopefully experiences a faster retrieval time since the request is served locally.
Dante is a SOCKS server. SOCKS servers don't typically cache Web requests and can proxy much, much more than http and ftp. The catch is the client program must know how to deal with a SOCKS proxy server. This must be built in to the software itself or additional software needs to be used in order to socksify the client program.
Unfortunately, 99% of Web traffic (that isn't SPAM) is http. As a result SOCKS servers tended to fall out of style outside of their traditional Unix environments.
But they persisted for years. In fact in the '90s anonymous SOCKS proxies were a bit of a problem, since they were used to distribute SPAM. This problem was so bad most major ISPs went on a search & destroy mission to eradicate them. And they did a fairly good job.
They still exist, but most won't proxy SMTP mail anymore. No matter, the SPAMmers have gone on to bigger and better things.
If you like anonymity and you don't like having your IP address known, SOCKS proxies are the way to go. Problem is, they are hard to find. Once found, they need to be tested.
And that's what got me interested in sockcheck.c.
I have been collecting SOCKS IP addresses and I've learned some interesting things I will be sharing with you about the state of anonymous SOCKS proxies in the 21st century.
Subscribe to:
Comments (Atom)