Re: [squid-users] p2p and squid from Leonardo Rodrigues Magalhães on 2008-01-23 (squid-users)

From: Leonardo Rodrigues Magalhães <leolistas@dont-contact.us>
Date: Wed, 23 Jan 2008 11:24:08 -0200

Marcus Kool escreveu:
> Yes, indeed Squid *does* support P2P using HTTPS tunneling.
just to make things clear ..... squid supports connection tunneling
and not only HTTPS tunneling. A misconfigured squid can be used, for
example, by worms to send spam emails !!! worms can connect to squid
port (3128) and issues 'CONNECT' to port 25 and it will work !!!

It can tunnel, as it seems to me, any kind of TCP connection and not
only HTTPS ones.

> You may use the free ufdbGuard Squid redirector to block
> HTTPS tunneling.
> ufdbGuard can also block HTTPS sites which have no valid certificate
VERY VERY BAD idea on the real world :)

> and sites which have no FQDN in the URL.
very GOOD idea :)

-- 
	Atenciosamente / Sincerily,
	Leonardo Rodrigues
	Solutti Tecnologia
	http://www.solutti.com.br
	Minha armadilha de SPAM, NÃO mandem email
	gertrudes@solutti.com.br
	My SPAMTRAP, do not email it

application/x-pkcs7-signature attachment: S/MIME Cryptographic Signature

Received on Wed Jan 23 2008 - 06:24:24 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST