appach attack
when i look at squid log i see that following :
217.147.30.32 TCP_DENIED/403 1372 POST http://registrace.atlas.cz/verify.aspx - NONE/- text/htm is this an attack and if it is how to prevent it ?? i have fedora core 3 and using squid as proxy and i have lcoal client and using nat |
Quote:
|
thank you and this guid me to ask you :
how to make Squid listen only on the internal interface ? thankl you |
Quote:
Code:
http_port 192.168.1.1:3128 |
ok, i did that and i'll see if that message will keep coming
thank you so much ... |
Quote:
Code:
squid -k reconfigure Code:
netstat -an --inet | grep LISTEN | grep 3128 |
thank you , yes it listen on port 3128 but i found another problem , which i made a file for the bad words and it include "video" when i search using google it prevent the search but if i type "VIDEO" or "Video" it works , how can that be solved
tahnk yo |
Quote:
You need to make sure it's only listening on the internal address. Quote:
|
thank you , but i still have the same message it came
|
tcp 0 0 192.168.1.96:3128 0.0.0.0:* LISTEN
|
You'll need to clarify some things about your setup. Is this Squid box also doing NAT or is it a separate/dedicated box? If it is dedicated, then would we be correct in assuming that it only has one interface on it? Because that's what it's starting to sound like. If that's the case then you'll need to tell your NAT router to stop sending connections from the WAN toward your Squid.
|
am using NAT and i did a transparent squid server using eth0 and eth1
|
Quote:
|
me too,
thank you so much for your help which is so appreciated ... thank you |
Could the IP be getting spoofed by something on the LAN side?
If there's a Windows box, maybe run a spyware checker. |
All times are GMT -5. The time now is 07:26 PM. |