It doesn't make sense...

I set the limit to 50 and I run my scan and the vulnerability shows...
I drop it back by 5 and run my scan... it shows until I get to 20... the vulnerability goes away....
I increase the limit by 1 until I get to 25 where it shows back up...
I drop back down to 24 ... still there

Now, even if I set it to 5, the vulnerability shows

Anyone know what is going on?

Jason

On Fri, Dec 17, 2010 at 9:35 AM, Jason Greene <jason@xxxxxxxxxxxxxxx> wrote:
> On Thu, Dec 16, 2010 at 7:41 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx> wrote:
>> On 17/12/10 10:38, Jason Greene wrote:
>>>
>>> I'm trying to close a security hole
>>>
>>> I want to use maxconn on ALL IPs
>>>
>>> acl limitusercon maxconn 3
>>> http_access deny all limitusercon
>>
>> Testing the "all" there is not useful. That should be just:
>>
>> http_access deny limitusercon
>>
>> ... making sure it's placed at the top of your access controls so nothing
>> doing an allow can bypass it. Right after the "deny CONNECT !SSL_Ports"
>> should do.
>
> Thanks, I'll try this out.
>
>>
>>>
>>> But it doesn't seem to work and the hole still appears on a scan.
>>
>> What hole?
>
> HTTP Proxy CONNECT Loop DoS
>
>>
>> Amos
>> --
>> Please be using
>> Current Stable Squid 2.7.STABLE9 or 3.1.9
>> Beta testers wanted for 3.2.0.3
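
Added example, not part of the original thread and not Squid's own code: a simplified Python model of first-match http_access evaluation, showing how an allow line placed above the maxconn deny bypasses it, which is the ordering point raised in the quoted reply. The `localnet` ACL, the client address and the connection counts are constructed assumptions.

```python
# Simplified model of Squid http_access evaluation (added example, not Squid code).
# Lines are checked top to bottom; the first line whose ACLs ALL match decides.

BYPASSED = """
http_access deny CONNECT !SSL_Ports
http_access allow localnet          # assumed allow rule placed too early
http_access deny limitusercon
http_access deny all
"""

RECOMMENDED = """
http_access deny CONNECT !SSL_Ports
http_access deny limitusercon       # right after the CONNECT/port check
http_access allow localnet
http_access deny all
"""

def parse(conf):
    """Turn 'http_access allow|deny [!]acl ...' lines into (action, [acl names])."""
    rules = []
    for line in conf.strip().splitlines():
        parts = line.split("#")[0].split()
        if parts and parts[0] == "http_access":
            rules.append((parts[1], parts[2:]))
    return rules

def decide(conf, request, maxconn_limit=3):
    """Return 'allow' or 'deny' for a request dict under the given config text."""
    # Constructed ACL definitions; only limitusercon and SSL_Ports come from the thread.
    acls = {
        "all": lambda r: True,
        "CONNECT": lambda r: r["method"] == "CONNECT",
        "SSL_Ports": lambda r: r["port"] == 443,
        "localnet": lambda r: r["src"].startswith("192.168."),
        # maxconn matches when the client IP has MORE than N connections open
        "limitusercon": lambda r: r["open_conns"] > maxconn_limit,
    }
    rules = parse(conf)
    for action, names in rules:
        # A leading '!' inverts the ACL; every ACL on the line must match.
        if all(acls[n.lstrip("!")](request) != n.startswith("!") for n in names):
            return action
    # No line matched: Squid applies the opposite of the last line's action.
    return "deny" if rules[-1][0] == "allow" else "allow"

def client(open_conns):
    """Constructed sample request: CONNECT to port 443 from an internal address."""
    return {"method": "CONNECT", "port": 443, "src": "192.168.1.20",
            "open_conns": open_conns}
```
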