Re: [squid-users] SECURITY ALERT: Squid Cache: Version 3.2.0.13

From: FredB <fredbmail_at_free.fr>
Date: Fri, 02 Dec 2011 09:30:44 +0100 (CET)

>
> Yes, welcome to the host header forgery mess. I don't know who
> benefited from this but a lot of people got bitten by it.
>
> I mentioned this first day
> http://bugs.squid-cache.org/show_bug.cgi?id=3325
>
> Anyone doing ANYCAST will be screwed (and a whole lotta people do
> that).
>
> p4$ host download.windowsupdate.com
> mscom-wui-any.vo.msecnd.net has address 70.37.129.251
> mscom-wui-any.vo.msecnd.net has address 70.37.129.244
>
> p12$ host download.windowsupdate.com
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.42
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.8
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.24
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.26
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.41
>
> Jenny

It's strange, how to explain that I don't have this problem.
I am using two Squid 3.2.0.13-20111129-r11445 (with http://bugs.squid-cache.org/attachment.cgi?id=2539 and http://bugs.squid-cache.org/attachment.cgi?id=2574) in production

du -h /var/log/squid/access.log
2,2G -> high traffic

grep SECUR /var/log/squid/cache.log -> Nothing

And no complaint from a user
Perhaps, You used transparent proxy like David, or a same option in Squid.conf ?
Received on Fri Dec 02 2011 - 08:30:55 MST

This archive was generated by hypermail 2.2.0 : Fri Dec 02 2011 - 12:00:01 MST