Re: [squid-users] Squid attack?

From: Paul <paulm.harvey@dont-contact.us>
Date: Sat, 24 Feb 2007 15:27:51 +0000

Well, its not that then - nothing in the access_log from apache.
I think I might need to wait until it happens again and do some
forensics then.
I'm a little concerned that there's something on my box that shouldn't
be there, but I've got good commercial AV software running, and very
good strong passwords, I'm the only account on there too. It would seem
unlikely, but I can't see how anything's getting though the firewall
right now....

On Sat, 2007-02-24 at 16:22 +0100, Henrik Nordstrom wrote:
> lör 2007-02-24 klockan 15:15 +0000 skrev Paul:
> > DAnsGuardian is on 8080 and that's closed to all but my lan. I do have
> > 5801 and 5901 open for remote desktop, but I doubt that's a problem.
> > Is there a way to misconfigure apache2 to enable open proxy?
>
> Yes, if you have mod_proxy enabled..
>
> you should see this traffic in the Apache access log files if that's the
> way if was/is done.
>
> Regards
> Henrik
Received on Sat Feb 24 2007 - 08:28:12 MST

This archive was generated by hypermail pre-2.1.9 : Thu Mar 01 2007 - 12:00:01 MST