[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Qube 3 Squid runs as Open Relay Proxy by default
- Subject: Re: [cobalt-security] Qube 3 Squid runs as Open Relay Proxy by default
- From: "Wim Dieke" <w.dieke@xxxxxxxxx>
- Date: Thu, 18 Jul 2002 21:24:31 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> >>> Qube 3 is running as an Open Relay Proxy and can therefore be used
> >>> for email spamming through the Squid port on the ppp connection
> >>> when dialed up.
>
> >> Simplest solution is to get a hardware firewall and have it *not*
> >> forward port 3128 to the Qube.
>
> > Woldn't the simpler solution be to [re]configure squid to not be
> > an open relay? This hardly seems a problem that needs hardware
> > thrown at it...
>
> Yah, one of the elided parts was that he tried doing some edits, but
> something on the was was automagically prepending "Allow all" or
> something equally rapeable to the squid.conf. In my view, a $100
> investment (and a small amount of setup time) is a good stop-gap
> until he can figure out what's doing the unwanted edits.
>
Or installing the adaptive firewall from sun on the qube3 (witch is free) is an option. costs less than hw firewall and runs on qube.
My 2 cents,
Wim