On Sat, 13 Sep 2003, Li Wei wrote: > Recently, I found some authorized Squid users privately installed > other proxy software on their PC. So then, other unauthorized users can access > my Squid server via it. I'm really at my wit's end.
The use of authentication is stronly recommended. > Can Squid fix this hole? Yes and no. If you have reasonable level of user identification in place then some simple statistics should indicate if some users are giving other users access with their identity. Then block the users who have given others access. If you are lucky then these rouge proxies adds some kind of identification to the requests forwarded via the proxy. For example if it is a Squid proxy then X-Forwarded-For may indicate who the real user was. If not it is virtually impossible to detect from an individual request if the request was a from the real user or proxied from another user and statistics need to be used to identify odd traffic patterns. Regards Henrik
