> Hello. I was trying to check whether there is some security hole or > issue with our squid &/or ICP that I should know about. I looked around > the www.squid-cache.org & the web, but didn't find anything relevant to > the case below. I'd appreciate any pointers. > The major security problems we are aware of are listed at http://www.squid-cache.org/Advisories/ Any of the 8 from SQUID-2004:2 and later may apply to your 2.5s5 squid. It is also an unsupported version. I would highly recommend upgrading to the current 2.6 stable release. > > BACKGROUND: > > > Someone from web site X claimed that someone from our site was launching > a DoS against them. The IP he gave was our proxy. It turns out someone > from our site *was* repeatedly trying to download a certain audio URL > (perhaps non maliciously). > Most likely you have a number of wireless clients wanting to see the video and the source isn't providing proper caching headers for it. That would make your squid (or anyones really) download it multiple times. <snip> Amos