Re: [squid-users] Re: Squid authentication prompt

From: Henrik Nordström <hno@dont-contact.us>
Date: Fri, 7 Jun 2002 13:28:23 +0200

Wei Keong wrote:

> Another questions, is it possible to launch DOS attack to squid
> authentication?

Yes, by flooding Squid with invalid logins. Will make it a bit hard for new
users to log in as all the helpers will be busy processing the invalid
logins. Won't affect already logged in users much until their TTL expires.

> If yes, how do we prevent such attach?

By analyzing the log and then use a basebollbat on the responsible for the
attack.

Regards
Henrik
Received on Fri Jun 07 2002 - 05:28:34 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:08:29 MST