Re: [squid-users] p2p and squid

From: Frank Bonnet <f.bonnet@dont-contact.us>
Date: Wed, 23 Jan 2008 14:44:46 +0100

Leonardo Rodrigues Magalhães wrote:
>
>
> Marcus Kool escreveu:
>> Yes, indeed Squid *does* support P2P using HTTPS tunneling.
> just to make things clear ..... squid supports connection tunneling
> and not only HTTPS tunneling. A misconfigured squid can be used, for
> example, by worms to send spam emails !!! worms can connect to squid
> port (3128) and issues 'CONNECT' to port 25 and it will work !!!
>
> It can tunnel, as it seems to me, any kind of TCP connection and not
> only HTTPS ones.
>
>> You may use the free ufdbGuard Squid redirector to block
>> HTTPS tunneling.
>> ufdbGuard can also block HTTPS sites which have no valid certificate
> VERY VERY BAD idea on the real world :)
>
>> and sites which have no FQDN in the URL.
> very GOOD idea :)
>

OK thanks a lot for your "lights" , I think the easyiest way
for me would be protocol filtering done by the firewall ...
Received on Wed Jan 23 2008 - 06:44:59 MST

This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST