This is not a squid question, this is common sense:
You should secure any machine which gets close to the "evil" internet.
I hope there is a firewall between your ISP and your proxy, otherwise
your squid may be in the wrong hands right now.
Be paranoid. If you don't have an extra firewall, i.e. you hook up the
squid directly to the ISP, be extra paranoid:
- disable all unnecessary services
- get the latest security patches
- bind all services explicitly to the NIC's where they belong to
- you seem to be on linux, think about hardening your machine
(grsecurity, kernel with no module support).
- enable a strong firewall policy
- scan your machine from the outside for open ports
- do not use insecure services like telnet
If you don't want to create your rules from scratch, look for building
tools or distributed firewall scripts. If you want to have maximum
control, learn iptables and write your own. There are many iptables-FAQ
available on the net. Rusty Russel's iptables HOWTO for instance.
A good starting point is here:
Regards, Hendrik Voigtländer
Simone Nanni wrote:
> Hello everybody.
> I'm a newbie in Squid administration.
> I have configured SQUID 2.5 stable5 in my Linux RedHat 9 machine that has
> two ethernet intefaces:
> - eth0 with a public IP (the one that i obtained by my ISP)
> - eth1 with a private LAN ip (10.41.x.x)
>
> In squid.conf i allow to use the proxy service only to hosts in my subnet
> (10.41.0.0/16).
> I have to configure a firewall policy (iptables?) to secure it??
> What kind of rules i have to use??
> Thanxs in advance.
Received on Fri May 28 2004 - 14:24:07 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Jun 01 2004 - 12:00:02 MDT