Re: [squid-users] Squid 3.0 Stable-8 How to Hide or Spoof User Agent?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Fri, 11 Nov 2011 13:19:54 +1300

On 11/11/2011 12:43 p.m., someone wrote:
> Squid 3.0 Stable-8:
>
> How to Hide or Spoof User Agent?
>
> Does anyone know how to achieve this, or what
> entries are required for the .conf ?

Erasure:
  request_header_access User-Agent deny all

Spoofing (er, "replacement") requires the erase above as well as a new
value to insert:
  request_header_replace User-Agent some new text

The reply_header_replace was broken in 3.0 series. You need 3.0.STABLE26
for that to work.

Speakign of which, 3.0.stable8 is extremely old now. Please consider an
upgrade. The current is 3.1.16 but you should at least have 3.0.STABLE26
for major security vulnerability protections.

>
> I have all my lan traffic automatically routed through
> a transparent squid cache running squid 3.0 stable 8.
> And everythings working great, I just thought masking my
> user agents would be another nice layer of security.
>

It is that and also a sure way to break any websites which rely on
browser detection instead of modern CSS mechanisms to present
browser-specific page formats. Unfortunately these are still common.
This is where the spoofing comes in. If you pick the spoofed browser
carefully (for HTML and CSS compliance matching yoru agent) the damage
is more restricted to sites which do that and also rely on those
features your agent can't handle.
  NP: if you have one of the modern compliant agents anyway (Firefox,
Chrome, Safari, Opera) with plugins not adding themselves toe the agent
string there is much less data leakage and you dont actually have to
worry about this.

Amos
Received on Fri Nov 11 2011 - 00:20:01 MST

This archive was generated by hypermail 2.2.0 : Fri Nov 11 2011 - 12:00:02 MST