Re: [squid-users] my squid used by someone's proxy server. from Henrik Nordstrom on 2007-11-13 (squid-users)

From: Henrik Nordstrom <henrik@dont-contact.us>
Date: Tue, 13 Nov 2007 22:45:01 +0100

On tor, 2007-11-08 at 16:16 +0900, Seonkyu Park wrote:
> Hello Squid users.
>
> I am using squid for server accelerator.

Squid version?

Are you using any always_direct rule?

> I found that my squid server (server accelerator) used by someone's proxy server.
>
> (219.136.189.213 - - [08/Nov/2007:15:30:35 +0900] "GET http://www.baidu.com/ HTTP/1.0" 200 4082 "-" "-" TCP_REFRESH)

The native squid format is more suited for analyzing this..

> How can I block it ?

by using stronger http_access rules only allowing access to your sites.

But it's meant to protect you from this automatically so I'd like to
analyze your current setup a little further..

Regards
Henrik

application/pgp-signature attachment: This is a digitally signed message part

Received on Tue Nov 13 2007 - 14:45:24 MST

This archive was generated by hypermail pre-2.1.9 : Sat Dec 01 2007 - 12:00:02 MST