Re: [squid-users] URL too large workaround from Henrik Nordstrom on 2005-01-25 (squid-users)

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Tue, 25 Jan 2005 12:08:09 +0100 (CET)

On Mon, 24 Jan 2005, Irfan DP wrote:

> dear Hendrik,
>
> This is just example the type of URL that have been ruled-out because URL is too big too handle by squid. But, I denied anyway.
> It might be a kind of worm or anything else.
>
> 1106552354.109 4685 202.xxx.xxx.123 TCP_DENIED/400 65598 SEARCH http://202.xxx.xxx.194:80/%90%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c
9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%
c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%!
c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%
c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9
%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9!
%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9
%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c
9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c!
9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%c9%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%9
0%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%
90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%90%!
90%90%90%90%90%90%90%90%90%90%90%90%90

Looks like someone/something trying to exploit a buffer overflow in the
web server, trying to hack the web server.

So it's a good thing this gets trapped by Squid as it makes it impossible
for your users to attack others web server in this manner, protecting you
from being accused of being a security hazard.

Regards
Henrik
Received on Tue Jan 25 2005 - 04:08:12 MST

This archive was generated by hypermail pre-2.1.9 : Mon Mar 07 2005 - 12:59:36 MST