Re: Squid "behind" a firewall

From: Dancer <dancer@dont-contact.us>
Date: Fri, 29 Oct 1999 03:31:59 +0000

Espen Lyngaas wrote:
>
> We've placed a Squid on our intranet (behind a firewall) and I've read the
> FAQ regarding Squid behind firewalls, but our setup is somewhat different,
> and I'm basically after what others have done in terms of security and such.
>
> Now, Squid is only allowed to open ports tcp/80 and tcp/443 out through the
> firewall.
>
> Obviously this limits squid very much :-) So we're reversing the rules so
> that Squid may open any port it wants, except ....
>
> Which ports should a machine running Squid not be able to open? Is there a
> list of 'recommended' ports/ranges somewhere?

The IANA maintains a list of ports from which you can figure what services are likely to be requested through your proxy (eg: 591, a rather unusual beast, but not uncommon
through a proxy these days)

D
Received on Thu Oct 28 1999 - 21:41:10 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:49:07 MST