Re: [squid-users] SECURITY ALERT: Squid Cache: Version 3.2.0.13

From: Kevin Wilcox <kevin.wilcox_at_gmail.com>
Date: Fri, 2 Dec 2011 13:30:52 -0500

On 2 December 2011 01:01, Jenny Lee <bodycare_5_at_live.com> wrote:

> p4$ host download.windowsupdate.com
> mscom-wui-any.vo.msecnd.net has address 70.37.129.251
> mscom-wui-any.vo.msecnd.net has address 70.37.129.244
>
> p12$ host download.windowsupdate.com
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.42
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.8
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.24
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.26
> a26.ms.akamai.net.0.1.cn.akamaitech.net has address 92.123.69.41

Note also that this can change very rapidly. I've seen Windows Update
DNS TTLs of 300 seconds and yes, the destinations changed on expiry.

That said, I've had a squid cache for several hundred devices with the
primary destinations of Apple/Windows updates (it's a tech support
group and they're constantly imaging/updating machines) for months and
they Just Work. The proxy is inline, running in intercept mode on
their firewall.

kmw
Received on Fri Dec 02 2011 - 18:30:59 MST

This archive was generated by hypermail 2.2.0 : Fri Dec 02 2011 - 12:00:01 MST