Search squid archive

Re: remove all squid pages & errors pages footprints

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The first step would be to firewall your proxy and allow\use it only for
your real users.
Other IP’s should not have access to telnet\netcat or contact your service
port.

Eliezer

----
Eliezer Croitoru <http://ngtech.co.il/lmgtfy/> 
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer@xxxxxxxxxxxx
 

From: squid-users [mailto:squid-users-bounces@xxxxxxxxxxxxxxxxxxxxx] On
Behalf Of --Ahmad--
Sent: Sunday, November 20, 2016 13:22
To: Amos Jeffries <squid3@xxxxxxxxxxxxx>
Cc: squid-users@xxxxxxxxxxxxxxxxxxxxx
Subject: Re:  remove all squid pages & errors pages footprints

HI amos 

thanks for that info .

i already did as below :
1- i didn’t touch any squid files
and compiled with the option u told me and added the tcp reset acl.

that was fine when i open websites with error i was seeing” tcp reset “ and
thats fine .

but there is other stuff I’m worry about .

if someone do telnet to squid … he can  still squid headers 

check below :
Ahmads-MacBook-Pro:~ ahmad$ telnet x.x.237.187 4000
Trying 212.71.237.187...
Connected to li666-177.members.linode.com
<http://li666-177.members.linode.com> .
Escape character is '^]'.

get / HTTP /
HTTP/1.1 403 Forbidden
Server: squid/3.5.22
Mime-Version: 1.0
Date: Sun, 20 Nov 2016 11:18:21 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 5
X-Squid-Error: TCP_RESET 0
Content-Language: en
X-Cache: MISS from Googlechrome
X-Cache-Lookup: NONE from Googlechrome:4000
Connection: close

resetConnection closed by foreign host.
Ahmads-MacBook-Pro:~ ahmad$ 




as you see there are squid footprints above …. how can i hide it ??


i want to remove ((Server: squid/3.5.22))


again i want to protect squid from being scanned and flagged as open proxy 




cheers 








On Nov 19, 2016, at 1:19 PM, Amos Jeffries <squid3@xxxxxxxxxxxxx
<mailto:squid3@xxxxxxxxxxxxx> > wrote:

On 19/11/2016 11:40 p.m., --Ahmad-- wrote:

hi squid users .

im willing to have squid errors or any foot prints to be removed .

as an example if was error access denied or dns name problem …. i don’t
want any squid footprints to be shown .

i would prefer to have blank page better 

where should i look @  before compilation  ?

Please don't.

1) *Replace* all the files in errors/templates with empty files of same
name.

2) Build Squid with --disable-auto-locale.

3) add the following to squid.conf

 acl errors http_status 400-599
 deny_info TCP_RESET errors
 http_reply_access deny errors


Good luck dealing with the results (you are going to need it).

Amos

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
<mailto:squid-users@xxxxxxxxxxxxxxxxxxxxx> 
http://lists.squid-cache.org/listinfo/squid-users

<<attachment: winmail.dat>>

_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux