Hello, I am running Squid on a Linux box which is also hosting a customer database (Oracle). I am concerned that by having the Proxy server on the same box as the database that I am introducing an increased security risk. e.g. an exploit in squid might mean that a hacker is able to gain access to my customer database. Assuming that my network is locked down so that the (external router) firewall has blocked all WAN->LAN traffic to our network on all ports am I correct in assuming that.... The only weakness is from an security exploit to squid being initiated from inside our network. The network user might potentially be duped to go to a boobytrapped web page which has the potential to exploit a security weakness in squid itself. Thanks in advance for your answers, I would like to be able to sleep soundly that my proxy server is not a security risk to my data. -- *David Hurcomb* IT Manager Metropolitan Police Friendly Society Ltd. (MPFS) Tel: 01689 891454 Fax: 01689 891455 Registered Address: Berwick House, 8/10 Knoll Rise, Orpington, Kent. BR6 OEL MPFS is authorised and regulated by the Financial Services Authority (Reg. No. 110026) Incorporated under the Friendly Societies Act 1992 and Registered in the UK No. 496F
