On Tue January 7 2003 20:54, Mark Jenkins wrote:
> I have a quick question about how to stop people from using squid to
> relay mail. My proxy is running on port 3128 default, I do allow all
> for access. If I block port 3128 from the outside NIC will this end
> this threat?
> With squid are there any other ports by default that I need to close
> down from the outside world?
The only reason not to ignore and delete this yet another "I'm too
stupid/lazy/ignorant/whatever to read the least bit of documentation of
software I'm installing on my server" message is that it is unbelievably
stupid and irresponsible to install fully open services/software on any
computer connected to the Internet. Especially since in this case you've had
to CHOOSE to make it open.
It says rather clearly in the squid.conf.default:
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
#
# And finally deny all other access to this proxy
http_access deny all
Had you read ANY documentation/archives on the issue you would know why
this is.
I am a bit harsh but I get too much shit from open relays every day as it
is. I am amazed almost daily how little people (apparently some kind of
sysadmins) care (in terms of learning what it is) what they install on
their servers. If it was your servers and computers at stake I wouldn't
bother but it's everyone else's as well.
And to answer your original question: yes, blocking traffic to a specific
port will prevent people using the service on that port.
--
Mika Aleksandroff, Kymenlaakson AMK
Words are a deceit, a shore no beach.

Received on Tue Jan 07 2003 - 12:28:18 MST
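
An added example, not part of the original message and not Squid's own code: a small auditor that reads the `http_access` rules of a squid.conf in order and reports whether an unknown outside client ends up allowed. The function names and both sample configurations are constructed for illustration, and it assumes the catch-all ACL is named `all`, as in squid.conf.default.

```python
import re

# Constructed sample configs (not taken from the original post).
OPEN_CONF = """\
acl all src 0.0.0.0/0.0.0.0
http_access allow all
http_access deny all
"""
CLOSED_CONF = """\
acl all src 0.0.0.0/0.0.0.0
acl our_networks src 192.168.1.0/24
# INSERT YOUR OWN RULE(S) HERE TO ALLOW ACCESS FROM YOUR CLIENTS
http_access allow our_networks
# And finally deny all other access to this proxy
http_access deny all
"""

def http_access_rules(conf_text):
    """Return [(action, [acl, ...]), ...] in file order, skipping comments."""
    rules = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()
        m = re.match(r"http_access\s+(allow|deny)\s+(.+)$", line)
        if m:
            rules.append((m.group(1), m.group(2).split()))
    return rules

def audit(conf_text):
    """Classify the rule set as 'open', 'closed' or 'implicit'.

    Squid checks http_access rules top to bottom and the first match wins,
    so the first rule made only of the catch-all ACL 'all' decides the fate
    of any client that no earlier, narrower rule matched.
    """
    for action, acls in http_access_rules(conf_text):
        if all(acl == "all" for acl in acls):
            return "open" if action == "allow" else "closed"
    # No catch-all rule: the result rests on Squid's implicit default,
    # which is worth replacing with an explicit "http_access deny all".
    return "implicit"

if __name__ == "__main__":
    for name, conf in (("open", OPEN_CONF), ("closed", CLOSED_CONF)):
        print(name, "->", audit(conf))
```

In the open sample the trailing `http_access deny all` never takes effect, because `http_access allow all` matches every request first.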