Squid for linux authentication question
Hello,
I have installed squid on my debian server. I configured it to use ncsa_auth so only users who will type username and password can use it because I had a lot of unknown connections to my proxy server without authentication enabled. I have installed sqstat to see online connections to my proxy server Seems like everything is working fine, I can use proxy only when I type username and password I defined. But here is my question. Even if authentication is set sqstat shows me that there are (at the moment I captured it) 8 users and 95 connections @ 0.00/0.00 KB/s (CURR/AVG) which is weird.. because only I have access to that username with password i created, also shows my connection that I use at the moment. I enabled Authentication, it prompt to type username and password but some people still have access to my proxy server ? How is it possible? Can anyone explain me what I did wrong? In log file it shows something like that: Code:
1342531625.592 0 109.236.88.33 TCP_DENIED/407 1706 GET http://l13.member.ukl.yahoo.com/? - NONE/- text/html |
Hi,
For a public accessible server, it's usual that there are these kind of probes. In your logs there are only TCP_DENIED/407 that is a good sign. Means that your server requires authentication and denies access if it doesn't get it. Regards |
Ok, but this means that someone is still connecting to my proxy server even if it denies access ? Because I don't know why some people can still connect..
|
Quote:
If you run publicly accessible servers (like web, mail etc), you'll always see attempts like these. If you don't want to see them, use a firewall to block them before accessing your server. Regards |
Quote:
|
All times are GMT -5. The time now is 06:39 PM. |