Re: [squid-users] security risk ?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sat, 13 Jun 2009 12:05:54 +1200

Ralf Hildebrandt wrote:
> * RoLaNd RoLaNd <r_o_l_a_n_d_at_hotmail.com>:
>
>> i've visited the following site : http://whatismyipaddress.com/
>> and found out that i may have misconfigured a security feature in squid as it gives out it's info without any restrictions..

No. It gives out some required IDs needed to close security risks and
occasional routing issues as well.

http://wiki.squid-cache.org/SquidFaq/SecurityPitfalls

>>
>> for example visiting the site above would result to :
>>
>>
>> Proxy Server Detected!
>> (proxy test results)Proxy Server IP address: X.X.X.X Proxy Server Details: 1.1 AynaProxy:3128 (squid/2.6.STABLE21)Proxy Reports IP as: 192.168.75.139
>>
>>
>> what have i missed ? how can i stop this ?!
>
> Look at the disclose_x_forwarded_for option
>

No such option.

whatsmyip is looking at many different things. That particular detection
message is due to a combination of the Via: unique-id assigned to squid
2.6STABLE21 used to prevent HTTP forwarding loops. Along with the
visible_hostname you set in your squid.conf and the original IP address
of the proxy client.

Amos

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE15
   Current Beta Squid 3.1.0.8 or 3.0.STABLE16-RC1
Received on Sat Jun 13 2009 - 00:06:00 MDT

This archive was generated by hypermail 2.2.0 : Sat Jun 13 2009 - 12:00:02 MDT