> Yesterday, I wanted to get back to the cache and saw a great > deal of traffic I/O on the cache but the weird part was that > none of it was for or on my network. It looked like I've been > used as some sort of payment gateway for a short while :). > Anyhow, I do have firewall security in place,
Assuming the squid box is inside your firewall then your firewall policy is incorrect. It should not allow connections from the internet to your squid box. Depending on how your network's setup that's usually the simplest thing to change. Or if you're squid is dual homed, stop squid from running on the dirty interface by specifying the internal interface only; #http_port 3128 http_port 192.168.1.1:3128 Or otherwise you'll need to setup an ACL listing all your internal networks and restrict access to that only.
