[KLUG Members] Bogus header for Squid

Bruce Smith bruce at armintl.com
Wed Mar 30 15:47:00 EST 2005


> > You're running a squid server exposed to the Internet?
>
> Nope. Internal only. Sorry, I should have clarified that. :)

Bummer, I was going to ask for the IP!  ;-)

> Squid ACLs are configured to only accept connections from localhost,
> but the port responds as open when scanning from the inside. Client PCs
> connect at a port other than 3128 for purposes of filtering. The path
> out looks like this:
> 
> client PC --> filter port --> 3128(localhost) --> web

OK, you're running some kind of squidguard package on the same box that
forwards valid requests through squid?

> Is it possible and/or recommended to have an iptables rule to drop any
> traffic on 3128 except from localhost? That way it wouldn't respond. Am
> I right in thinking that?

Yeah, you can do that easily with iptables.

Although I'm not sure what it's going to gain you as long as people
really can't set their browsers to use port 3128 and bypass the filter
(other than a cleaner Nessus report).

 - BS
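
The iptables rule asked about above could look like the following. This is an added example, not part of the original message; port 3128 comes from the thread, while the function names and the `DRY_RUN` / `--apply` switches are hypothetical conventions of this sketch.

```shell
#!/bin/sh
# Added example: keep Squid's port reachable from loopback only.
# Port 3128 comes from the thread; function names and the DRY_RUN/--apply
# switches are hypothetical conventions of this sketch.

PROXY_PORT="${PROXY_PORT:-3128}"

# Emit the rule specs in the order they must be appended.
# The loopback ACCEPT has to precede the DROP, since iptables stops at the
# first matching rule.
squid_lockdown_rules() {
    port="$1"
    case "$port" in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi
    # The local filter talks to Squid over the loopback interface.
    echo "-A INPUT -i lo -p tcp --dport $port -j ACCEPT"
    # Everything else is dropped silently, so a scan gets no response
    # (REJECT would send an error back instead).
    echo "-A INPUT -p tcp --dport $port -j DROP"
}

# Print the commands (DRY_RUN=1, the default) or run them (DRY_RUN=0, root).
apply_rules() {
    rules=$(squid_lockdown_rules "$1") || return 1
    printf '%s\n' "$rules" | while read -r rule; do
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "iptables $rule"
        else
            # Word splitting of $rule into arguments is intentional here.
            iptables $rule || exit 1
        fi
    done
}

if [ "${1:-}" = "--apply" ]; then
    DRY_RUN=0 apply_rules "$PROXY_PORT"
else
    apply_rules "$PROXY_PORT"
fi
```

The rules are appended to INPUT, so an earlier rule in the chain that already accepts this traffic would still match first.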