Search squid archive

Re: security risk ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ralf Hildebrandt wrote:
* RoLaNd RoLaNd <r_o_l_a_n_d@xxxxxxxxxxx>:

i've visited the following site : http://whatismyipaddress.com/ and found out that i may have misconfigured a security feature in squid as it gives out it's info without any restrictions..

No. It gives out some required IDs needed to close security risks and occasional routing issues as well.

http://wiki.squid-cache.org/SquidFaq/SecurityPitfalls


for example visiting the site above would result to :


Proxy Server Detected!
(proxy test results)Proxy Server IP address: X.X.X.X Proxy Server Details: 1.1 AynaProxy:3128 (squid/2.6.STABLE21)Proxy Reports IP as: 192.168.75.139


what have i missed ? how can i stop this ?!

Look at the disclose_x_forwarded_for option


No such option.

whatsmyip is looking at many different things. That particular detection message is due to a combination of the Via: unique-id assigned to squid 2.6STABLE21 used to prevent HTTP forwarding loops. Along with the visible_hostname you set in your squid.conf and the original IP address of the proxy client.

Amos
--
Please be using
  Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15
  Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux