W dniu 03-Sep-12 11:44, Amos Jeffries pisze:
[...]
So you want to create what the security industry calls an "open
proxy"? That is what NAT on external devices does. Anybody anywhere in
the world can NAT packets into your proxy and Squid will log that they
are coming from inside your Squid-3.1 box, you have zero control and
zero protection.
[...]
Exacly.
But, when someone redirect traffic to my squid box will have to
transparent auth - my company deployed cookie-based transparent
authentication to squid. We are providing security web proxy with virus
protection, url filtering and parental-control.
It's based on ICAP (and little ecap) with squid upfront.
Regards;
Pawel Mojski
