Marton Sándor Zoltán wrote:
> > For a start, dont allow the server to be scanned by random users in the
> > first place.
> How could anybody do that ? I'm also interested in this matter.
Start by getting a book on practical TCP/IP security. The topic is way
to broad to be discussed here. How very much depends on what your
network layout are wrt security.
> > Bind the http port to an address only reachable by your users, or make
> > use of packet filtering to filter out what networks are allowed to even
> > try to talk to the proxy.
> Could You be a little bit more specific ? :-) I really want to learn how
> to do that.
* Firewalls
* Dual homed server
* See http_port directive in Squid.conf.
(sorry. not in a mood doing a described description of how to protect
TCP/IP servers/networks right now.. plenty of good books and articles on
that subject if you shop around a little)
-- Henrik Nordstrom Squid hackerReceived on Thu Jun 01 2000 - 08:56:11 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:53:49 MST