Hi,
I am using squid 2.6.12 on FreeBSD 5.3-STABLE and 6.2-STABLE. One cache
server is configured on the LAN, it forwards requests to 2 parent
caches which are in 2 different DMZs (2 lines to 2 different ISP).
I compiled squid with cache digest enabled. The parent cache
configuration lines:
FYI
With a modified squid (at the source Henrik pointed to) I get
Outgoing ssh (only command was ls and then exit)
1180183741.678 6328 127.0.0.1 TCP_MISS/200 7432 5036 2396 CONNECT
opensuse.suse.home:22 - DIRECT/192.168.1.7 -
5036 = Bytes written to client (Inbound)
2396 = Bytes written
You might want to include mean/median/distribution of read/write IO
sizes on SSL connections; you might find 'normal' SSL accesses
(even with AJAXed stuff?) has different access patterns versus command-line
SSL.
Are there any fingerprint bits in the SSL exchange which would tell
you its at least
mån 2007-05-28 klockan 12:08 +0800 skrev Norman Noah:
I have a problem in my network before this i'm allowing ftp without
proxy but yahoo mesengger is using that port to connect. so we block
port 21 on our firewall. but the problem is at proxy server that we
block numericall ips using method
mån 2007-05-28 klockan 14:44 +0100 skrev Markus Moeller:
So it looks like it could help determining malicious use of proxies even if
only few shell commands are executed.
Don't forget POST requests, which may give any ratio 1 depending on
the use..
Someone POST:ing a large file to a simple
tis 2007-05-29 klockan 00:18 +0800 skrev Adrian Chadd:
Are there any fingerprint bits in the SSL exchange which would tell
you its at least SSL encrypted traffic, versus just traffic not tunneled
inside SSL? Thats probably a good starting point.
The initial hello message exchange isn't too
Hi there,
I was running Debian old stable until today. I upgraded to current stable, rebooted and all was
fine. Squid seemed fine.
I then installed Squish - which went badly, so I removed it as per their FAQ file. Squid was a no
go. I then reverted to my old previously working squid.conf and