Search squid archive

Re: Squid 3.0 Stable-8 How to Hide or Spoof User Agent?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 11/11/2011 12:43 p.m., someone wrote:
Squid 3.0 Stable-8:

How to Hide or Spoof User Agent?

Does anyone know how to achieve this, or what
entries are required for the .conf ?

Erasure:
 request_header_access User-Agent deny all

Spoofing (er, "replacement") requires the erase above as well as a new value to insert:
 request_header_replace User-Agent some new text

The reply_header_replace was broken in 3.0 series. You need 3.0.STABLE26 for that to work.

Speakign of which, 3.0.stable8 is extremely old now. Please consider an upgrade. The current is 3.1.16 but you should at least have 3.0.STABLE26 for major security vulnerability protections.


I have all my lan traffic automatically routed through
a transparent squid cache running squid 3.0 stable 8.
And everythings working great, I just thought masking my
user agents would be another nice layer of security.


It is that and also a sure way to break any websites which rely on browser detection instead of modern CSS mechanisms to present browser-specific page formats. Unfortunately these are still common. This is where the spoofing comes in. If you pick the spoofed browser carefully (for HTML and CSS compliance matching yoru agent) the damage is more restricted to sites which do that and also rely on those features your agent can't handle. NP: if you have one of the modern compliant agents anyway (Firefox, Chrome, Safari, Opera) with plugins not adding themselves toe the agent string there is much less data leakage and you dont actually have to worry about this.

Amos


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux