On Wednesday 15 August 2018 at 21:09:57, Oldman wrote:
I won't change any thing unless I am sure here.
On 15.08.18 21:20, Antony Stone wrote:
Well, you've certainly changed quite a lot of the standard config in the file
you showed us earlier.
What was dangerous ? Did you mean I could be hacked with that
configuration file?
I seriously doubt you can be "hacked" (whatever you specifically mean by that)
but only because you are running the Squid proxy on a domestic network and it
is therefore almost certainly unreachable from the Internet.
in which case I ask if you (OP, Oldman) are really sure that your proxy is
not accessible from the internet.
Otherwise, any weak password in /etc/squid/passwd can be guessed by
attackers and your squid could be abused.
However, defining "safe ports" to be "any port at all" means your proxy can be
used for quite a number of protocols other than HTTP/S (for example, SMTP) and
since this is almost certainly not what you want this proxy to be (ab)used
for, you should stick the the default definition of safe ports which is
designed to prevent this sort of abuse.
Just out of interest, what made you make the changes you did to the standard
config?
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
