[squid-users] Re: They know we are using squid? Had no idea...

From: WebGal! <webgalisat@dont-contact.us>
Date: Fri, 31 Mar 2006 08:48:41 -0700

Well have played with the the header_access as well as the
header_replace options. This is not what we are looking for. These
appear to be very heavy-handed methods of dealing with a very small
variable option. Perhaps they can be finessed to a smaller "hammer"
profile; however, that is beyond our immediate expertise and time
available to absorb new information.

Yes, we understand that someone could scan the server and find the
squid. That is not something a normal server would do, as it would not
have the available resources to enable such a policy. Our security
needs are not that critical.

What we need to do is reconfig such that it is not so easily seen that
this is a proxied squid connection. If that is not possible we would
just like to be able to configure the portion that says,
"squid/2.5.STABLE12"

We just need this one element of the profile killed or obscured. Here
is it again...

 http://www.dnsstuff.com/tools/aboutyou.ch

 generates...

 Proxy Server: 1.1 host.XXXXXXXX.XXX:8065 (squid/2.5.STABLE12)

On 3/30/06, WebGal! <webgalisat@gmail.com> wrote:
> Just saw something the other day that needs to be addressed.
>
> It appears, which we did not know, it can be determined if we are
> running squid when connecting to a server through our remote
> installation of squid. We would like to have this "feature" disabled,
> for obvious reasons. Would appreciate any thoughts about how to make
> our use of squid completely obscured.
>
> To see an example of what we are talking about visit the URL below
> through your squid proxy server, heck perhaps any proxy server...
>
> http://www.dnsstuff.com/tools/aboutyou.ch
>
> generates...
>
> Proxy Server: 1.1 host.XXXXXXXX.XXX:8065 (squid/2.5.STABLE12)
>
> Thanks for your help
>
Received on Fri Mar 31 2006 - 08:48:52 MST

This archive was generated by hypermail pre-2.1.9 : Sat Apr 01 2006 - 12:00:05 MST