Re: UPDATE: [wcolburn@xxxxxxx: SMTP relay through checkpoint firewall]


 



Tommaso,

You are right that the default squid.conf binds to all IPs.
But if you scroll down to the ACL section:

acl all src 0.0.0.0/0.0.0.0

#Default:
# http_access deny all

So anyone from the net trying to use your proxy will get denied.
You have to explicitly add ACLs to allow any access to the proxy.

Looks like the squid defaults are pretty secure.


-Keith

On 22/02/02 17:27 +0100, Tommaso Di Donato wrote:
> 
> 
> I love Squid, and yes, default Squid configuration solves this problem...
> But if you want a secure proxy, you have to change the parameter http_port 
> to listen only to your internal IP address!!! Default config is:
> http_port 0.0.0.0
> so anyone from the internet can use your proxy (I found a lot of servers so 
> configured!!!!). Change it to
> http_port 192.168.1.254 #private IP
> 
> My 0.02...
> 
> Tommaso Di Donato
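
An added example, not part of either message and not Squid's own code: a small Python check of the two settings this thread discusses, the http_port bind address and the http_access list, following Squid's documented evaluation order (first matching line wins; no lines means deny; no match means the opposite of the last line). The function names, the sample configs and the test address 203.0.113.10 are assumptions made for the example, and only `src` ACLs over IPv4 are modelled.

```python
import ipaddress

def parse(conf):
    """Extract listen addresses, src ACLs and ordered http_access rules."""
    listen, acls, rules = [], {}, []
    for raw in conf.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) < 2:
            continue
        if parts[0] == "http_port":
            tok = parts[1]
            # "3128" = all interfaces; "ip:port" or a bare ip (as in the thread) = one address
            listen.append("0.0.0.0" if tok.isdigit() else tok.rsplit(":", 1)[0])
        elif parts[0] == "acl" and len(parts) >= 4 and parts[2] == "src":
            nets = [ipaddress.ip_network(p, strict=False) for p in parts[3:]]
            acls.setdefault(parts[1], []).extend(nets)
        elif parts[0] == "http_access" and len(parts) >= 3:
            rules.append((parts[1], parts[2:]))
    return listen, acls, rules

def allowed(src, acls, rules):
    """Would the http_access list let this source address through?"""
    ip = ipaddress.ip_address(src)
    def match(name):  # simplification: only 'src' ACLs are modelled, others never match
        hit = any(ip in net for net in acls.get(name.lstrip("!"), []))
        return hit != name.startswith("!")
    for action, names in rules:
        if all(match(n) for n in names):  # ACL names on one line are ANDed
            return action == "allow"      # first matching line wins
    # No lines at all: deny. No line matched: opposite of the last line.
    return bool(rules) and rules[-1][0] == "deny"

def audit(conf, outside="203.0.113.10"):
    """Return (binds_all_interfaces, outside_client_allowed)."""
    listen, acls, rules = parse(conf)
    wildcard = not listen or "0.0.0.0" in listen  # assumption: no http_port = all interfaces
    return wildcard, allowed(outside, acls, rules)

# Constructed sample configs (not taken from a real deployment).
SHIPPED = "http_port 3128\nacl all src 0.0.0.0/0.0.0.0\nhttp_access deny all\n"
OPENED = "http_port 3128\nacl all src 0.0.0.0/0.0.0.0\nhttp_access allow all\n"
LAN_ONLY = ("http_port 192.168.1.254:3128\nacl all src 0.0.0.0/0.0.0.0\n"
            "acl lan src 192.168.1.0/255.255.255.0\n"
            "http_access allow lan\nhttp_access deny all\n")
DENY_ONLY = "http_port 3128\nacl bad src 10.0.0.0/255.0.0.0\nhttp_access deny bad\n"

if __name__ == "__main__":
    for name in ("SHIPPED", "OPENED", "LAN_ONLY", "DENY_ONLY"):
        print(name, audit(globals()[name]))
```

DENY_ONLY is the case to watch for: a list that ends in a deny line for a specific ACL lets every non-matching client through, so a final `http_access deny all` is what keeps a wildcard-bound proxy closed.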
