Re[2]: [squid-users] Undernet/mIRC Says Squid is misconfigured - Denies login

From: Cliff <cliff@dont-contact.us>
Date: Sat, 21 Sep 2002 17:51:17 -0800

Hello Dave,

Saturday, September 21, 2002, 11:38:41 AM, you wrote:

DR> The network assumes you allow access to the cache from anyone;
DR> because they could connect. If you firewall off port 3128; it will go
DR> away. Its not to say that you have misconfigured your squid - nor
DR> is this a squid vulnerability - but you may be allowing users from
DR> elsewhere in the world to proxy though your caching server.
DR> -frowned upon-

I remain mystified as to what negative interaction
can exist, and how it can be used to detrementally
affect the undernet's IRC servers if exploited.

The fix mentioned below states to upgrade my
squid 1.x cache - said version I am not running.
It's 2.4Stable6 hence the question:

Is 2.4Stable6 vulnerable to whatever exploit it
is talking about? The blurb is very non specific
as to how the exploit occurs and the negative
consequences thereof.

>>
>> What does mIRC have to do with squid's port 3128?
>> Why do IRC servers give a hoot what I do on port 3128?
>>
>> And is this old information? Meaning squid 2.4Stable6

>>
>> Here's the suggested fix:
>> http://www.fr1.documents.cyberabuse.org/?page=vulnerabilities&doc=1

Best regards,
 Cliff
Received on Sat Sep 21 2002 - 19:51:30 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:10:22 MST