The "password" can be changed quite easily from squid.conf, as you
probably know.
If the user want's to hide the fact that they are using Squid, this is
only one of many things they must consider. For example, the HTTP
standards requires Squid to identify itself in a number of different
locations, and even if you change the password, the sequence of commands
used by Squid probably is sufficient to fingerprint it within reasonable
doubt.
I don't think we plan on changing the default anonymous FTP "password"
in Squid.
Regards
Henrik
eperez@dei.inf.uc3m.es wrote:
>
> Hello !
>
> I've seen you are sending "Squid@" as PASS in anonymous ftp.
>
> You should use "anonymous@" as newer ftp clients do.
>
> Problems with your approach:
> - Sending anything that's not anonymous@ as password is not
> anonymous by definition
> - Spyware is not a good idea, most users don't like it.
>
> Important components that start to use it:
> http://webcvs.kde.org/cgi-bin/cvsweb.cgi/kdelibs/kio/ftp/ftp.cc.diff?r1=1.151&r2=1.152
> http://webcvs.kde.org/cgi-bin/cvsweb.cgi/qt-copy/src/network/qftp.cpp.diff?r1=1.14&r2=1.15
> http://cvs.gnome.org/bonsai/cvsview2.cgi?diff_mode=context&whitespace_mode=show&root=/cvs/gnome&subdir=/gnome-xml&command=DIFF&root=/cvs/gnome&file=nanoftp.c&rev1=1.38&rev2=1.39
>
> I send you the bugfix.
>
> ------------------------------------------------------------------------
--- squid/src/cf.data.pre Mon Oct 22 14:40:23 2001
+++ squid/src/cf.data.pre Sat Oct 26 17:30:52 2001
@@ -1005,7 +1005,7 @@
NAME: ftp_user
TYPE: string
-DEFAULT: Squid@
+DEFAULT: anonymous@
LOC: Config.Ftp.anon_user
DOC_START
If you want the anonymous login password to be more informative
Received on Sat Oct 27 2001 - 07:08:46 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:14:35 MST