Re: [squid-users] BLock Http Tunnel

I've not said "is the best solution".

I've suggested to look into squid.conf file for that method,

note that disabling CONNECT method at all will make some services unusuable!

----- Original Message -----
From: "Tesla 13" <tesla1313@hotmail.com>
To: <squid-users@squid-cache.org>
Sent: Wednesday, February 12, 2003 12:06 PM
Subject: Re: [squid-users] BLock Http Tunnel

> Making something like this would render browsing useless for cache users.
>
> Port restrictions has no definitive effect here. For as long as there is
any
> allowed port for CONNECT, they can tunnel through that port.
>
> Tesla
>
> >From: "Federico Lombardo" <egopfe@hotmail.com>
> >To: Adaíl Oliveira <adail@estg.ipleiria.pt>,<squid-users@squid-cache.org>
> >Subject: Re: [squid-users] BLock Http Tunnel
> >Date: Wed, 12 Feb 2003 11:46:11 +0100
> >
> >make an ACL blocking CONNECT method :-)
> >
> >(note that some services just list https, use this method)
> >
> >btw, squid base ACLs are quite already secured because squid specify that
> >connect method is avaialbe only on specific ports, see it into squid.conf
> >file
> >
> >
> >Regards,
> >
> >
> >Federico
> >
> >
> >
> >----- Original Message -----
> >From: "Adaíl Oliveira" <adail@estg.ipleiria.pt>
> >To: <squid-users@squid-cache.org>
> >Sent: Wednesday, February 12, 2003 11:11 AM
> >Subject: [squid-users] BLock Http Tunnel
> >
> >
> >There is anyway to block httptunnel in a squid proxy server?
> >
> >
> >Thanks.
> >
> >
> >Adaíl Oliveira
>
>
> _________________________________________________________________
> Add photos to your messages with MSN 8. Get 2 months FREE*.
> http://join.msn.com/?page=features/featuredemail
>
Received on Wed Feb 12 2003 - 04:19:54 MST