[KLUG Members] Bogus header for Squid

Tony Gettig tony at gettig.net
Wed Mar 30 14:58:51 EST 2005

Previous message: [KLUG Members] PKI root certificate Dutch government added to Mozilla and Firefox
Next message: [KLUG Members] Bogus header for Squid
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Nessus reports that it is (correctly) finding something like squid at
port 3128 on the box I'm assessing. Specifically, it reports:

---------snip----------
The remote web server type is:

squid/2.5STABLE5

Solution: We recommend that you configure (if possible) your web server
to return a bogus Server header in order not to leack information.

---------snip----------

I've googled for this and only gotten other people's nessus reports with
the same recommendation. Is there a way to make squid return such a
thing? Or is this an innocuous false positive of sorts? Any pointers in
the right direction are appreciated.

Previous message: [KLUG Members] PKI root certificate Dutch government added to Mozilla and Firefox
Next message: [KLUG Members] Bogus header for Squid
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list