Re: [squid-users] Use Squid as browser hijack deterrent (so far not working)

From: Jakob Curdes <jc_at_info-systems.de>
Date: Mon, 02 Feb 2009 23:59:55 +0100

david_at_davidwbrown.name wrote:
> Hello Squid users all, I have a bad situation partially resolved: the past few days I have been blind-sided by a Trojan based browser hijacking. A script from Trendmicro has allowed me to navigate the net w/o being redirected to a porn site or similar. Notwithstanding I can see from running wireshark the culprit that Trendmicro has not found the signature to as of yet.
(...)

First of all: it is a very bad idea to continue working on an infected
machine. You do not know what exactly has happened to the system.
The only sensible thing is to start with a freshly set up system.

> I am running: a Linux router/gateway, heavily firewalled (iptables)

Is this firewall also preventing access from the inside network to the
internet ("default deny")? Because if not, using a proxy will not
prevent anybody from accessing the internet, regardless of what the proxy
setup is. Squid translates requests that reach it; it has no means of
preventing internet access by other ways, e.g. directly. Since you say
you can ping the destination, I assume that your firewall is not
preventing access to the sites in question.

Hope this helps,
Jakob Curdes
Received on Mon Feb 02 2009 - 23:00:17 MST
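
The "default deny" question raised in the reply can be checked against a gateway's `iptables-save` output: if the FORWARD chain lets new LAN connections out, clients can reach the web without ever touching Squid. The following is an added example, not part of the original message; the interface names (eth1 = LAN, eth0 = WAN), port 3128 and both rule sets are constructed, and the checker models only simple option/value matches in the FORWARD chain (no negation, port ranges or user-defined chains).

```python
import shlex

# Constructed iptables-save excerpts; eth1 = LAN, eth0 = WAN are assumptions.
OPEN_GATEWAY = """*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth1 -p tcp -m tcp --dport 3128 -j ACCEPT
COMMIT
"""
DEFAULT_DENY = """*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth1 -p tcp -m tcp --dport 3128 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -p udp -m udp --dport 123 -j ACCEPT
COMMIT
"""
MODELED = {"-i", "-o", "-p", "--dport", "-m", "--state", "--ctstate",
           "-j", "--reject-with"}

def lan_can_bypass_proxy(ruleset, lan_if="eth1", wan_if="eth0",
                         proto="tcp", dport="80"):
    """Return True if a NEW LAN->WAN connection to proto/dport is forwarded,
    i.e. clients can reach the destination directly instead of via Squid."""
    packet = {"-i": lan_if, "-o": wan_if, "-p": proto, "--dport": dport}
    policy, rules, in_filter = "ACCEPT", [], False
    for line in ruleset.splitlines():
        if line.startswith("*"):
            in_filter = line.strip() == "*filter"
        elif in_filter and line.startswith(":FORWARD "):
            policy = line.split()[1]
        elif in_filter and line.startswith("-A FORWARD "):
            rules.append(shlex.split(line)[2:])
    for tokens in rules:  # first matching terminating rule wins
        opts = dict(zip(tokens[::2], tokens[1::2]))
        if set(opts) - MODELED or ":" in opts.get("--dport", ""):
            raise ValueError(f"unmodeled match in rule: {' '.join(tokens)}")
        states = opts.get("--state") or opts.get("--ctstate")
        if states and "NEW" not in states.split(","):
            continue  # rule only covers already-established traffic
        if any(k in opts and opts[k] != v for k, v in packet.items()):
            continue  # interface, protocol or port does not match
        if opts.get("-j") in ("ACCEPT", "DROP", "REJECT"):
            return opts["-j"] == "ACCEPT"
    return policy == "ACCEPT"  # nothing matched: chain policy decides

if __name__ == "__main__":
    for name, dump in (("open", OPEN_GATEWAY), ("default-deny", DEFAULT_DENY)):
        print(name, "direct HTTP possible:", lan_can_bypass_proxy(dump))
```

A rule it cannot model raises `ValueError` rather than being guessed at, so a clean `False` means every FORWARD rule was understood and none admits the connection.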

This archive was generated by hypermail 2.2.0 : Tue Feb 03 2009 - 12:00:02 MST