Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Bob Wallman on March 06, 2002, 08:51:23 PM
-
I found this web site on Insecure Web Proxy Servers and Squid is mentioned:
http://linux.oreillynet.com/pub/a/linux/2002/02/25/insecurities.html#squ
I'm not sure of the Squid version in 5.1.2. Does anyone know if 5.1.2 is affected by this?
-
SME squid is affected, but only local users could "attack" it.
SME firewalls port 3128 from outside.
-
I work for a School Division and I wouldn't put anything past some of the students. I wonder if an update will be made available for this or is there something else I could do?
-
Oops. I was thinking about a school as the only example of problematic env.
Install squid errata from RedHat 7.1.
http://www.redhat.com/support/errata/RHSA-2002-029.html
-
i am not sure if I understand what you are saying. Should I update squid. Can it be attacked from outside.
Thanks,
Jehu.
-
jehu wrote:
> i am not sure if I understand what you are saying. Should I
> update squid. Can it be attacked from outside.
Filippo is saying that squid cannot be attacked from the outside, and that you can update squid if you feel you should (for example, if you think that your internal users might be malicious).
And I agree with him.
Charlie
-
Thanks, the only internal user is me. So I won,t be attacking the Squid.
Thanks again,
Jehu
-
Why is SME using such and old version of squid the latest stable is 2.4STABLE4 and we are using 2.3STABLE4 surely there must be some important improvements ?
Dean
-
2.3.STABLE4 was included in RedHat 7.1 upon which SME is based.
See http://www.squid-cache.org/Versions/v2/2.4/ChangeLog.txt for improvements / fixes.