Re: [squid-users] Squid detects open redirect vulnerability ?

From: Amos Jeffries <squid3_at_treenet.co.nz>
Date: Sun, 12 Apr 2009 15:09:32 +1200

Riccardo Castellani wrote:
> Does it exist squid package which can detect open redirect (url
> vulnerabilty on http traffic ?
> I think there will be available a speacial package for working together
> squid.

Squid only performs security checks base on what it can find with the
request/reply info as given and what it is configured to check. It does
not natively do additional URL lookups or HTTP requests.

If you have a particular security case you need help with, please state
that case and we can probably point you at how to configure or implement
the security measures.

Amos

>
> ----- Original Message ----- From: "Riccardo Castellani"
> <ric.castellani_at_alice.it>
> To: "Yan Seiner" <yan_at_seiner.com>; <squid-users_at_squid-cache.org>
> Sent: Saturday, April 11, 2009 3:37 PM
> Subject: Re: [squid-users] Squid : better on Debian or Ubunto server ?
>
>
>> Debian packages updates are released by longer time comparating to
>> Ubuntu ?
>> They aren't latest, what means ? Why ?
>>
>> ----- Original Message ----- From: "Yan Seiner" <yan_at_seiner.com>
>> To: "Riccardo Castellani" <ric.castellani_at_alice.it>;
>> <squid-users_at_squid-cache.org>
>> Sent: Saturday, April 04, 2009 2:58 PM
>> Subject: Re: [squid-users] Squid : better on Debian or Ubunto server ?
>>
>>
>>> Riccardo Castellani wrote:
>>>> so difference, as Yan said, essentially is GUI ?
>>>>
>>>> And about other Linux distribution ? Or Debian is nore suitable to
>>>> ttat job ?
>>>> Now I'm using Fedora 1 !
>>> I use Debian for servers because it is stable. Yes, not all the
>>> packages are the latest. But it works, and works quite well.
>>>
>>> Fedora is a beta-distro; it's intended to be RedHat's bleeding edge
>>> testing ground. IMHO, not suitable for servers. Use RedHat if you
>>> want a stable distro version.
>>>
>>> --Yan
>>>
>>>
>>>>
>>>> ----- Original Message ----- From: "Yan Seiner" <yan_at_seiner.com>
>>>> To: "Riccardo Castellani" <ric.castellani_at_alice.it>
>>>> Sent: Friday, April 03, 2009 11:44 PM
>>>> Subject: Re: [squid-users] Squid : better on Debian or Ubunto server ?
>>>>
>>>>
>>>>>
>>>>> On Fri, April 3, 2009 2:05 pm, Riccardo Castellani wrote:
>>>>>> I don't understand.
>>>>>
>>>>> For text UI, debian and ubuntu are virtually the same.
>>>>>
>>>>> I'd go with debian as most of the really nice stuff in ubuntu is
>>>>> around
>>>>> the GUI.
>>>>>
>>>>> --Yan
>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: "Amos Jeffries" <squid3_at_treenet.co.nz>
>>>>>> To: "Riccardo Castellani" <ric.castellani_at_alice.it>
>>>>>> Cc: <squid-users_at_squid-cache.org>
>>>>>> Sent: Friday, April 03, 2009 10:59 PM
>>>>>> Subject: Re: [squid-users] Squid : better on Debian or Ubunto
>>>>>> server ?
>>>>>>
>>>>>>
>>>>>>> Riccardo Castellani wrote:
>>>>>>>> I have to install new Linux server, based on ONLY on text
>>>>>>>> console (not
>>>>>>>> X server, not kde, not gnome) to having squid as parent cache.
>>>>>>>> Then I have to configure sendmail which relays messages to 3
>>>>>>>> perimetral
>>>>>>>> mail servers.
>>>>>>>>
>>>>>>>> I'm thinking to install Debian or Ubuntu server but what do you
>>>>>>>> suggest me ?
>>>>>>>
>>>>>>> Up to you. Ubuntu is a child OS built on top of Debian.
>>>>>>> From the console they are almost identical.
>>>>>>>
>>>>>>> I find the delay in package updates annoying in Ubuntu, particularly
>>>>>>> since they cop it from their own release freezes, and from the
>>>>>>> Debian
>>>>>>> freezes once a year. But I'm an unashamed neophyte.
>>>>>>>
>>>>>>> Amos
>>>>>>> --
>>>>>>> Please be using
>>>>>>> Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
>>>>>>> Current Beta Squid 3.1.0.6
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Yan Seiner, PE
>>>>>
>>>>> Support my bid for the 4J School Board
>>>>> http://www.seiner.com
>>>>>
>>>>
>>>>
>>>> !DSPAM:49d70036308067818312239!
>>>>
>>>
>>>
>>> --
>>> Yan Seiner
>>> Support my bid for the 4J School Board.
>>> Visit http://www.seiner.com/schoolboard
>>>
>>>
>>
>

-- 
Please be using
   Current Stable Squid 2.7.STABLE6 or 3.0.STABLE13
   Current Beta Squid 3.1.0.6
Received on Sun Apr 12 2009 - 02:09:28 MDT

This archive was generated by hypermail 2.2.0 : Sun Apr 12 2009 - 12:00:03 MDT