Securing Squid

Protecting your Linux box

Securing Squid

Postby Saeeds » Sun Dec 21, 2003 10:56 pm

Dear All,
Salamoalikum
i want to know how one can stop user from spaming illegal domain names like www.flashy!.com on squid box . How the Acl's should be applied in squid.conf. Thanx in advance.
Saeed
Saeeds
Cadet
 
Posts: 9
Joined: Thu Dec 04, 2003 7:01 pm

Re: Securing Squid

Postby lambda » Sun Dec 21, 2003 11:59 pm

Saeeds wrote:i want to know how one can stop user from spaming illegal domain names like www.flashy!.com on squid box .


what do you mean? the users try loading that site in large numbers?
what problem does it cause for you?
lambda
Major General
 
Posts: 3452
Joined: Tue May 27, 2003 7:04 pm
Website: http://www.hungry.com/~fn/
Location: Lahore

Postby zaeemarshad » Mon Dec 22, 2003 12:19 am

u will have to use the dstdomain tag to block access to anyspecified domain. if u want to block random access try using url_regex. u can use normal regex patterns in it.

Regards
Zaeem Arshad
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad

Postby Saeeds » Tue Dec 23, 2003 1:14 am

What i meant was that the user is continously trying to access this site wid illegal character ...as i view my cache.log it continouesly goes on showing mesg tht "could not parse www.xyz!.com illegal character ..." i guess it puts laod on the sytem as the request is generated every 4 or 5 sec later.
Mr Zaeem got my point i guess, that what should i do if i want to stop user from generating requests which contains illegal characters..but sir as i am newbie plz give me example...... :oops:
Saeed
Saeeds
Cadet
 
Posts: 9
Joined: Thu Dec 04, 2003 7:01 pm

Postby zaeemarshad » Tue Dec 23, 2003 2:37 am

Use this in squid.conf

acl invalidurls dstdom_regex -i [`"!@#%^*]
http_access deny invalidurls

u can put in as many characters u like in the square brackets but beware that $%() and a few others are used in urls. so be careful or ur users may be devoid of net surfing. good luck

PS: I tested it and that works fine for me. If it doesnt then let me know of ur configuration as the most probable cause shall be a problem in ur squid.conf .

Regards
Zaeem Arshad
zaeemarshad
Lieutenant Colonel
 
Posts: 660
Joined: Sat Jul 06, 2002 12:35 pm
Website: http://zaeem.no-ip.org
WLM: zarshadvirk@hotmail.com
Yahoo Messenger: negativecreep61@yahoo.com
AOL: zarshadvirk
Location: Islamabad


Return to “%s” Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron