> > You get TCP_DENIED errors because the ports used, in this
> > case 5190 and 1863 are not listed in your SSL_ports acl.
>
> Aha, I didn't know it was trying to connect through SSL, both
> of them...
>
> > Allowing SQUID's CONNECT , for such applications has be
> done with care.
> > Avoid proxy abuse and or or 'unwanted' proxy behavior
> towards the outside world.
>
> What do you mean exactly?
>
Well SQUID's CONNECT method ,allows it to make a TCP connection
to any allowed (SSL) port in squid.conf. Letting 'side applications' use this
feature can compromise your SQUID, in the sense that it can be used for
relaying attacks, for instance.
M.
Received on Mon May 17 2004 - 08:42:52 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:01 MDT