[squid-users] Digest Authentication and Brute Force Attack

From: <alberto.avi@dont-contact.us>
Date: Thu, 18 May 2006 15:08:43 +0200

Hello,

    I'm using Digest Authentication and H1 hash data (
H1=hash("userid":"realm":"password") ) are on an LDAP server.
My external authenticator read userid and realm from stdinput, make an
ldap search against LDAP server and then return to Squid the H1 hash on
stdoutput.

Can Squid notify me if the current user authentication go wrong ?

In fact, I think that my Squid 2.5.STABLE10 system is open to brute
force password attack.
In this situation in the access.log I see "TCP_DENIED/407" error
messages but I don't know who is the user under attack.
I'd like to know the userid under attack to suspend it at LDAP level.

Thank you for your attention.

Alberto.
Received on Thu May 18 2006 - 07:08:48 MDT

This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT