[KLUG Members] Bogus header for Squid

Tony Gettig tony at gettig.net
Wed Mar 30 15:56:31 EST 2005

Previous message: [KLUG Members] Bogus header for Squid
Next message: [KLUG Members] KLUG Meeting Notes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, 2005-03-30 at 15:44 -0500, Adam Tauno Williams wrote:
> > Nessus reports that it is (correctly) finding something like squid at
> > port 3128 on the box I'm assessing. Specifically, it reports:
> > ---------snip----------
> > The remote web server type is:
> > squid/2.5STABLE5
> > Solution: We recommend that you configure (if possible) your web server
> > to return a bogus Server header in order not to leack information.
> > ---------snip----------
> 
> That recommendation is just silly.  If you don't trust squid to run
> exposed, then don't run squid exposed.  
> 
> And why are you running squid exposed?

Is this a problem? :D

Actually, it's internal only. Looks like you hit send on your reply just
about the time my reply to Bruce came through.

Previous message: [KLUG Members] Bogus header for Squid
Next message: [KLUG Members] KLUG Meeting Notes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list