Re: [squid-users] Config just for my personal use. Secure?

From: Muthukumar <kmuthu_gct@dont-contact.us>
Date: Wed, 7 Apr 2004 09:29:50 +0530

> http_port *myip*:9876

You are configuring Squid on 9876 port.Check if there any service is running.
netstat -na | grep 9876

>authenticate_program /usr/lib/squid/ncsa_auth /etc/squid/passwd
>acl users proxy_auth "/etc/squid/passwd"
>acl password proxy_auth REQUIRED

What is the permission of /etc/squid/passwd file.Change it for only accessible by the root.

>http_access deny users
>http_access allow all
>proxy_auth_realm Squid proxy-caching web server

You are denying all users in the /etc/squid/passwd authentication file.

> Do you think that's enough and secure?
> I wish no-one can access it
> except me, with my login and password.

Do you want to restrict the access from anyother system using your login and passwd,then
deny their ip settings except your ip-address to your particular login .

acl rootuser proxy_auth <your-user-login>
acl rootip src <your-ip-address>
<snip>
http_access deny !src rootuser
Select a exact position to put this http_access in the http_access lists.

Regards,
Muthukumar.

---
===============  It is a "Virus Free Mail" ===============
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.651 / Virus Database: 417 - Release Date: 4/5/2004
Received on Tue Apr 06 2004 - 22:11:02 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:01 MDT