Woo, yay for Adrian being behind the times.
Cool.
Adrian
On Sat, Jun 10, 2006, Henrik Nordstrom wrote:
> l??r 2006-06-10 klockan 20:32 +0800 skrev Adrian Chadd:
>
> > An example of someone using cachemgr.cgi to portscan arbitrary hosts.
> > What do you all think about adding in some basic configuration
> > to lock down which port/host the installed cachemgr.cgi is permitted
> > to look at?
>
> You mean something like the cachemgr.conf we have since 2.5.STABLE10?
>
> http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-cachemgr_conf
>
>
> # This file controls which servers may be managed by
> # the cachemgr.cgi script
> #
> # The file consists of one server per line on the format
> # hostname:port description
> #
> # Specifying :port is optional. If not specified then
> # the default proxy port is assumed. :* or :any matches
> # any port on the target server.
> #
> # hostname is matched using shell filename matching, allowing
> # * and other shell wildcards.
> localhost
>
>
>
> Regards
> Henrik
Received on Sat Jun 10 2006 - 19:41:21 MDT
This archive was generated by hypermail pre-2.1.9 : Fri Jun 30 2006 - 12:00:02 MDT