I have found an extension that might be possible, thanks to someone. =w=
Squid Log Parser with Spoofing Detection.
One thing to note, though. I'm not really sure how will the spoofer detection will fit in with a log parser..
So yeah, this is not yet set on stone.
What I envision is that this SP will make a squid log parser that checks all of the clients connected and the information of their connection (bandwidth, time, etc). It will use Squint, an open-source squid log parser, or if possible, something from scratch.
The spoofer detector traces IPs that are masking themselves as others to illegally access other resources. It won't do anything about the culprit, it will just trace it's true IP.
So yeah, that's basically it. Further research is needed, because most likely this feature has already been implemented on squid proxy servers.. or much worse, this detector is impossible to implement in this set-up.
I plan on talking to my adviser later about this matter.
Until then.
Baron, can you elaborate further on the spoofing part.
ReplyDelete