On Thu, Jan 07, 1999 at 10:51:52PM +1300, Chris Wedgwood wrote:
>
> Why -- I only allow people to use connect with 443 and 563 -- I see
> no reason for them to use a squid proxy a connection on any other
> port.
That's your call - I've found that users here access sites running on all
sorts of ports - for valid business sites. Don't ask me why these people run
web servers on wierd port numbers, I'm not running their sites :-)
Deny all port numbers but those you "trust" is bogus anyway. If I wanted to
tunnel into/out of a network, I'd ensure I ran my tunnel on port 80/443
anyway - try stopping that...
CONNECT is hell... (strange that the "secure" portion of HTTP has become one
of the most dangerous...)
-- Cheers Jason Haar Unix/Network Specialist, Trimble NZ Phone: +64 3 3391 377 Fax: +64 3 3391 417Received on Thu Jan 07 1999 - 13:04:34 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:43:55 MST