Re: [squid-users] More host header forgery pain with peek/splice

2016-09-05 Thread Amos Jeffries
On 5/09/2016 11:35 a.m., Marcus Kool wrote:
> Thanks for your reply.
>
> The 13-year old child in me says "I want it fixed yesterday"
> since false positives are very painful and cannot always
> be prevented since the environment where Squid works is
> not always that easy to control.
>
> You men

Re: [squid-users] More host header forgery pain with peek/splice

2016-09-04 Thread Marcus Kool
Thanks for your reply. The 13-year old child in me says "I want it fixed yesterday" since false positives are very painful and cannot always be prevented since the environment where Squid works is not always that easy to control. You mentioned earlier that a fix will probably go in squid 5 which

Re: [squid-users] More host header forgery pain with peek/splice

2016-09-04 Thread Amos Jeffries
On 31/08/2016 5:25 a.m., Marcus Kool wrote:
> Do I understand it correctly that Squid in normal proxy mode
> allows malware to do a CONNECT to any destination, while in
> transparent proxy mode does extra security checks which causes
> some regular (non-malware) clients to fail?

Intercepted traff

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Yuri Voinov
And this one: http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2 of course.

30.08.2016 23:25, Marcus Kool wrote:
> Do I understand it correctly that Squid in normal proxy mode
> allows malware to do a CONNECT to any destinati

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Yuri Voinov
31.08.2016 1:24, Yuri Voinov wrote:
>
> 30.08.2016 23:25, Marcus Kool wrote:
> > Do I understand it correctly that Squid in normal proxy mode
> > allows malware to do a CONNECT to any destination, while in
> > transparent proxy mode does extr

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Yuri Voinov
30.08.2016 23:25, Marcus Kool wrote:
> Do I understand it correctly that Squid in normal proxy mode
> allows malware to do a CONNECT to any destination, while in
> transparent proxy mode does extra security checks which causes
> some regular (non

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Marcus Kool
Do I understand it correctly that Squid in normal proxy mode allows malware to do a CONNECT to any destination, while in transparent proxy mode does extra security checks which causes some regular (non-malware) clients to fail? And philosophical questions: is Squid the right tool to stop malware?

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Amos Jeffries
On 26/08/2016 4:17 a.m., Steve Hill wrote:
>
> This one just seems to keep coming up and I'm wondering how other people
> are dealing with it:
>
> When you peek and splice a transparently proxied connection, the SNI
> goes through the host validation phase. Squid does a DNS lookup for the
> SNI,

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-30 Thread Amos Jeffries
On 26/08/2016 6:34 a.m., reinerotto wrote:
> Hack the code. Because it is even worse, as firefox for example does not obey
> to the TTL.
>

It is not that simple. The checks are there for very good reason(s) related to security of the network using the proxy. The Host forgery issue being checked

Re: [squid-users] More host header forgery pain with peek/splice

2016-08-25 Thread reinerotto
Hack the code. Because it is even worse, as firefox for example does not obey to the TTL.

[squid-users] More host header forgery pain with peek/splice

2016-08-25 Thread Steve Hill
This one just seems to keep coming up and I'm wondering how other people are dealing with it: When you peek and splice a transparently proxied connection, the SNI goes through the host validation phase. Squid does a DNS lookup for the SNI, and if it doesn't resolve to the IP address that th