Re: [squid-users] Fw:Re: [squid-users] squid 3.2.0.18 transparent nat interception

From: Pawel Mojski <pawcio_at_pawcio.net>
Date: Mon, 03 Sep 2012 14:16:53 +0200

W dniu 03-Sep-12 11:44, Amos Jeffries pisze:

[...]
>
> So you want to create what the security industry calls an "open
> proxy"? That is what NAT on external devices does. Anybody anywhere in
> the world can NAT packets into your proxy and Squid will log that they
> are coming from inside your Squid-3.1 box, you have zero control and
> zero protection.
[...]

Exacly.
But, when someone redirect traffic to my squid box will have to
transparent auth - my company deployed cookie-based transparent
authentication to squid. We are providing security web proxy with virus
protection, url filtering and parental-control.
It's based on ICAP (and little ecap) with squid upfront.

Regards;
Pawel Mojski
Received on Mon Sep 03 2012 - 12:17:03 MDT

This archive was generated by hypermail 2.2.0 : Tue Sep 04 2012 - 12:00:02 MDT