lör 2006-06-10 klockan 20:32 +0800 skrev Adrian Chadd: > An example of someone using cachemgr.cgi to portscan arbitrary hosts. > What do you all think about adding in some basic configuration > to lock down which port/host the installed cachemgr.cgi is permitted > to look at?
You mean something like the cachemgr.conf we have since 2.5.STABLE10? http://www.squid-cache.org/Versions/v2/2.5/bugs/#squid-2.5.STABLE9-cachemgr_conf # This file controls which servers may be managed by # the cachemgr.cgi script # # The file consists of one server per line on the format # hostname:port description # # Specifying :port is optional. If not specified then # the default proxy port is assumed. :* or :any matches # any port on the target server. # # hostname is matched using shell filename matching, allowing # * and other shell wildcards. localhost Regards Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
