HW09

Last modified by superadmin on 2018-01-12 20:30

HW09 - ICAP service

Internet Content Adaptation Protocol defined in RFC 3507 is intended to intercept the HTTP communication and to modify/filter content accordingly to some rules. In this exercise you can configure any ICAP interceptor service with some general-purpose HTTP server (such as Apache behind a Squid) to intercept certain requests and filter some of them (i.e. redirect or modify certain potentially malicious HTTP requests). 

icap_schema.jpg 

Examples would include:

  • Intercepting comments being added to an XWiki site. If they contain any "forbidden words", then replace them by some preset string "*beep*" or "*expletive*"
  • Track all files being uploaded to a Web server via HTTP protocol; check them against ClamAV anti-virus software to see, if they do not contain viruses. If they do, log the event and show a redirect page with a warning message to a client who attempted the download. 

The expected result of this activity is a Linux configuration instruction, which tells exactly what to configure on the Linux, how to change Apache2 or Squid settings, what new software (Python scripts? Java code?) to add for ICAP support, in order to achieve some non-trivial behavior of the ICAP protocol. 

Tags:
Created by Kalvis Apsītis on 2007-10-21 18:37
    
This wiki is licensed under a Creative Commons 2.0 license
XWiki Enterprise 6.4 - Documentation