Thanks for all your help on squid ....nothing better to get TCP_DENIED in the access.log for squid. Yes!!! The acl part of squid is quite good...I will have to test it as I'm not sure if I denied too much ...eg: access to certain ports such as SSL and what they call safe ports..I set my squid to port 8080 anyhow. I also denied localhost as well...not sure if this makes sense, though I granted access to my internal network with the 192.168.x.x range, including the server which is in this range.
Now, onto apache to kill those bots and worms!!! Rob...
