I’m currently working on setting up a proxy on my home computer to bypass my school’s blockers, and want to see if I can make any improvements to security. To be clear, I haven’t opened this to the internet yet, I’m asking BEFORE doing that.

The setup is thus: I have a squid server running on my linux laptop, which will only allow authenticated users through. It’s no longer listening to the default port (3128) and is instead listening to a port in the 10000-20000 range. I would have both my router and modem set to forward that same port, and my laptop’s local IP address is static.

This is a consumer internet connection, so Dynamic DNS, but I have a NOIP address ready to connect once I open the ports (already have the client installed and running, just throws an error on the website because it can’t get through the port.)

I’ll be connecting to my proxy server through the FoxyProxy extension, rather than through the Windows 11 control panel on my school laptop, because I dont have access to that specific part of the control panel.

That’s the sum total of the setup I’ve got thus far. It only needs to be able to support my lone connection, I’m not sharing this around. Any improvements to be made?

  • Shadow@lemmy.ca
    link
    fedilink
    English
    arrow-up
    4
    ·
    3 months ago

    Picking obscure ports doesn’t really add security, are you using authentication?

    • dudeami0@lemmy.dudeami.win
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      3 months ago

      It does when ya got nosey IT at a university whacking ports for standard proxy services. And doesn’t hurt to do it either, the port is arbitrary. Also they state:

      which will only allow authenticated users through.

      So it sounds like they have proper authentication enabled.