RE: [squid-users] SSL Tunnelling Exploit allowed through Squid?

From: Sheahan, John (PCLN-NW) <John.Sheahan@dont-contact.us>
Date: Thu, 10 Oct 2002 18:55:05 -0400

so, Bouncer should work by default as long it is setup to use an allowed
port?

-----Original Message-----
From: Robert Collins [mailto:robertc@squid-cache.org]
Sent: Thursday, October 10, 2002 6:37 PM
To: Sheahan, John (PCLN-NW)
Cc: 'squid-users@squid-cache.org'
Subject: Re: [squid-users] SSL Tunnelling Exploit allowed through Squid?

On Fri, 2002-10-11 at 06:30, Sheahan, John (PCLN-NW) wrote:
> There is a hackers tool out there called "Bouncer" that uses SSL
Tunnelling
> to get past all rules of a proxy server. You can check out the details at:
>
> http://www.r00t3d.org.uk/docs/bug.html
>
>
> My question is, does Squid support SSL Tunnelling? If so, is it on by
> default?

Squid supports the CONNECT method which is used for SSL Tunnelling. It
is on by default, but limited to certain ports. Also, the squid ACL's
dealing with domains and ip address's are always applied regardless of
method, so still apply to the CONNECT method.

Cheers,
Rob
Received on Thu Oct 10 2002 - 16:55:07 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:40 MST