Re: [squid-users] Config just for my personal use. Secure?

----- Original Message -----
From: "Muthukumar" <kmuthu_gct@hotmail.com>
To: "Francisco Lopes" <falmp@terra.com.br>; <squid-users@squid-cache.org>
Sent: Wednesday, April 07, 2004 9:29 AM
Subject: Re: [squid-users] Config just for my personal use. Secure?

>
> > http_port *myip*:9876
>
> You are configuring Squid on 9876 port.Check if there any service is running.
> netstat -na | grep 9876
>
> >authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd
> >acl users proxy_auth "/etc/squid/passwd"
> >acl password proxy_auth REQUIRED
>
> What is the permission of /etc/squid/passwd file.Change it for only accessible by the root.
>
> >http_access deny users
> >http_access allow all
> >proxy_auth_realm Squid proxy-caching web server
>
> You are denying all users in the /etc/squid/passwd authentication file.
>
> > Do you think that's enough and secure?
> > I wish no-one can access it
> > except me, with my login and password.
>
> Do you want to restrict the access from anyother system using your login and passwd,then
> deny their ip settings except your ip-address to your particular login .
>
> acl rootuser proxy_auth <your-user-login>
> acl rootip src <your-ip-address>
> <snip>
> http_access deny !src rootuser

change the setting as
    http_access deny !rootip rootuser

If you want to allow only your system to access with that user then

 http_access allow rootip rootuser
 http_access deny all

> Select a exact position to put this http_access in the http_access lists.

---
===============  It is a "Virus Free Mail" ===============
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.651 / Virus Database: 417 - Release Date: 4/5/2004