On 1/23/19 6:44 PM, Amos Jeffries wrote: > For now all we can do is take the warnings seriously and find ways to > prevent the network behaviours that cause them. For the record, the above is an opinion rather than a fact or consensus. There are, of course, other (and far more realistic/useful) things we could do. For example, we could give the admin the choice of which "forgeries" should be classified as false positives and treated accordingly, and we could improve reporting of the "forgeries" so that the reporting itself does not become a problem. > The security issues this detection prevents are so nasty we consider > the pain worth the price of avoiding those outcomes. In many cases, it would be possible for admins to suffer virtually no "pain" while still "preventing security issues" and following best practices (such as keeping logging enabled). Alex. _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
