Re: [squid-users] Squid performance degradation on Redhat linux 9.0 with security hole

Hi

AFAIK

you have make a ACL list rules, which you shoud allow only source address is
you LAN address and rest all you can Deny,

if you see too many request are coming in still even they are not accessing,
and getting lot of traffic from unknown IP, you can use iptables in the same
PC and allow thm required IP and required Ports, rest all you can Deny

this may help you to make your box stable from unknow attacks

hare

best Places to read

1. http://www.netfilter.org
2. http://www.linuxguruz.org
3. http://www.squid.org

----- Original Message -----
From: "Rajkumar Chandrasekaran" <rajkumarc_2000@yahoo.com>
To: <squid-users@squid-cache.org>
Sent: Sunday, May 11, 2003 2:48 PM
Subject: [squid-users] Squid performance degradation on Redhat linux 9.0
with security hole

> On redhat linux 9.0 when squid is running in
> transparent proxy mode there are some unknown
> ipaddresses which are contacting the pc on which squid
> is running and henceforth the performance of squid
> degrades to a great extent.The way on which this was
> identified was by the netstat command. also the
> process monitor shows a extensive increase in the use
> of cpu time cycles. is this a security bug or the
> resources in which squid is running is not enough. the
> resource on which squid is running is given below
>
> cpu clock speed:-866MHZ
> RAM:-512MB
> Swap space:-1GB
> Hard disk space:-10GB
>
> __________________________________
> Do you Yahoo!?
> The New Yahoo! Search - Faster. Easier. Bingo.
> http://search.yahoo.com
>
Received on Mon May 12 2003 - 00:41:43 MDT