* On 30/03/06 10:22 -0700, WebGal! wrote:
| Just saw something the other day that needs to be addressed.
|
| It appears, which we did not know, it can be determined if we are
| running squid when connecting to a server through our remote
| installation of squid. We would like to have this "feature" disabled,
| for obvious reasons. Would appreciate any thoughts about how to make
| our use of squid completely obscured.
|
| To see an example of what we are talking about visit the URL below
| through your squid proxy server, heck perhaps any proxy server...
|
| http://www.dnsstuff.com/tools/aboutyou.ch
|
| generates...
|
| Proxy Server: 1.1 host.XXXXXXXX.XXX:8065 (squid/2.5.STABLE12)
Security by obscurity :-)
Just make sure your Squid setup is secure by following the
recommendations. Just hiding it does not make it secure as you don't
block any brute force attempts directed towards it.
A network scan will still get your squid on whatever port!
-Wash
http://www.netmeister.org/news/learn2quote.html
DISCLAIMER: See http://www.wananchi.com/bms/terms.php
-- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington <wash@wananchi.com> Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Corruption is not the #1 priority of the Police Commissioner. His job is to enforce the law and fight crime. -- P.B.A. President E. J. Kiernan
This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:05 MST