On Wed, Jan 06, 1999 at 11:24:46PM +0100, Herwig Wittmann wrote:
> Hello people, [1]
>
> Are there any real bad things (tm) users authorized to use a squid cache
> could do if I would replace the default Safe_ports acl with
> something like "acl Safe_ports 1-65535"?
>
> --- snip - squid.conf ---
> acl Safe_ports port 80 21 443 563 70 210 1025-65535
> http_access deny !Safe_ports
> --- snap ---
Well.. they could use your Squid as a telnet gateway, irc bouncer, and just
about anything else that works over TCP.
Greetz, Peter.
-- <squeezer> AND I AM GONNA KILL MIKE | Peter van Dijk <squeezer> hardbeat, als je nog nuchter bent: | peter@attic.vuurwerk.nl <squeezer> @date = localtime(time); | realtime security d00d <squeezer> $date[5] += 2000 if ($date[5] < 37); | <squeezer> $date[5] += 1900 if ($date[5] < 99); | -x- available -x-Received on Wed Jan 06 1999 - 15:28:04 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:43:55 MST