RE: [squid-users] authentication abuse

Look at the authenticate_ip_ttl and authenticate_ip_ttl_is_strict options of
Squid 2.4
It does not do exactly what you want, but is pretty close :)

> -----Original Message-----
> From: Peter Kassies [SMTP:p.kassies@ptt-post.nl]
> Sent: Tuesday, July 03, 2001 5:43 PM
> To: squid
> Cc: Jan Meerman
> Subject: [squid-users] authentication abuse
>
> Hello,
>
> I'm running:
> - Squid v2.3.3 (in a parent and child cluster)
> - NCSA (for user authentication purposes)
> - Junkbusters (to filter out the banners)
> - SARG (for analysis of the logfile)
>
> I've also created a script which does all the dirty work (clean up
> logfiles)
> automatically, so it's basically a "zero administration proxyservice" for
> about 20k users within our organisation.
>
> With NCSA we have a problem that people are "sharing" the same proxy
> account. This is very annoing, because we check on abuse reguarly and
> cannot
> determine who was responsible. Of course we can analyse the logfiles on
> ipaddresses, but this is a lot of work and does not solve the problem.
>
> What I really would like is to prevent users from using the same
> username/password at the SAME time. If a second/third person would use the
> combination, all users should be banned or have to re-authenticate
> themselves.
>
> When implemented this script is going to cause hell on our servicedesk,
> where people will complain that they cannot surf anymore. This is great,
> because we can check them if they really have an account.
>
> Is there such a tool?
>
> Peter Kassies
>
>
Received on Tue Jul 03 2001 - 10:11:33 MDT