Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
is this an attack and if it is how to prevent it ??
i have fedora core 3 and using squid as proxy and i have lcoal client and using nat
This usually means that the IP tried to use your proxy and one of the ACLs prevented it from doing so. If all you have is local clients then my concern would be why your firewall is letting external clients connect to Squid in the first place. Even if you don't know how to firewall Squid from the outside, you should at the very least make Squid listen only on the internal interface.
thank you , yes it listen on port 3128 but i found another problem , which i made a file for the bad words and it include "video" when i search using google it prevent the search but if i type "VIDEO" or "Video" it works , how can that be solved
tahnk yo
You need to make sure it's only listening on the internal address.
Quote:
but i found another problem , which i made a file for the bad words and it include "video" when i search using google it prevent the search but if i type "VIDEO" or "Video" it works , how can that be solved
That's a completely unrelated question and as such it belongs in a new thread.
You'll need to clarify some things about your setup. Is this Squid box also doing NAT or is it a separate/dedicated box? If it is dedicated, then would we be correct in assuming that it only has one interface on it? Because that's what it's starting to sound like. If that's the case then you'll need to tell your NAT router to stop sending connections from the WAN toward your Squid.
am using NAT and i did a transparent squid server using eth0 and eth1
If your Squid box is also the NAT box, and Squid is only listening on the LAN side (which your netstat output seems to confirm), then I fail to understand how someone on the WAN could connect to Squid.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.