On Tue, Aug 08, 2006 at 07:22:44AM -0400, Grant M. wrote:
> So, given an up-to-date, fully patched server that is maintained that
> way, I am not sure how having the squid proxy is of any huge value. Is
> this just a 'feel-good' security measure? I do fully understand the idea
> of an exploit allowing an attacker to execute code as root on a
> compromisable server, but isn't this just as dangerous on the Squid box?
> And how does a Squid proxy prevent one from doing that on the internal
> box, anyhow?

Here are the useful security attributes of squid:

- cached URLs are served directly from squid, so repeat requests
  don't interact with the server at all. This can alleviate some DOS
  attacks.

- ACLs and filters can be applied. This can exclude known bad guys, or
  restrict requested URLs to just those that fit a particular regex.

- delay pools can limit bandwidth either for particular servers or
  clients.

Except for the first feature, you need to explicitly configure and
regularly maintain a squid cache to keep getting security benefits
from it.

-dsr-

--
-. --- -- --- .-. . ... . -.-. .-. . - ... ..-. ..- -.-. -.- - .... . -. ... .- ..-. ..- -.-. -. .-. -.. - .... ... ..- -.- -. .-- -.-. -..
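
The three attributes listed in the message above, sketched as a squid.conf fragment for an accelerator (reverse proxy) in front of one internal web server. This is an added example, not part of the original message; the hostname, addresses, URL patterns and rate figures are constructed placeholders.

```conf
# Added example: all names, addresses and patterns below are constructed.
# Squid listens on port 80 as an accelerator and forwards cache misses to
# a single internal origin server.
http_port 80 accel defaultsite=www.example.org
cache_peer 192.0.2.10 parent 80 0 no-query originserver name=internal_web

# ACLs: who is asking, and what they are asking for.
acl our_site      dstdomain     www.example.org
acl bad_clients   src           198.51.100.0/24 203.0.113.45
acl safe_methods  method        GET HEAD
# Several patterns on one acl line are ORed together.
acl allowed_urls  urlpath_regex ^/$ ^/static/ ^/articles/[0-9]+\.html$

# http_access rules are evaluated top to bottom and the first match wins,
# so every denial is listed before the single allow.
http_access deny  bad_clients
http_access deny  !our_site
http_access deny  !safe_methods
http_access deny  !allowed_urls
http_access allow our_site
# 'all' is predefined in Squid 3.x and later; older default configs
# define it themselves as a src ACL.
http_access deny  all

# Only requests for our site may be forwarded to the internal server.
cache_peer_access internal_web allow our_site
cache_peer_access internal_web deny  all

# Delay pools need a Squid built with --enable-delay-pools.
# Class 2 = one aggregate bucket plus one bucket per client IP.
# Each value is restore-rate/bucket-size in bytes:
# 512 KB/s for everyone combined, 64 KB/s for any single client.
# Delay pools throttle traffic fetched from the origin (cache misses);
# cache hits are served at full speed.
delay_pools 1
delay_class 1 2
delay_parameters 1 524288/524288 65536/65536
delay_access 1 allow our_site
delay_access 1 deny  all
```

The `bad_clients` list and the `allowed_urls` patterns are the parts that need the regular maintenance the message mentions: both go stale as the site and its abusers change.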