help with squid - Security

This is a discussion on help with squid - Security ; dear linux experts, please help? i installed alinux server woks in fedora core 4,works as afirewall and asquid caching server...iam sure that my work was right and the server works fine and caching....but i face aproblem and need suggestions? it ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: help with squid

  1. help with squid

    dear linux experts,
    please help? i installed alinux server woks in fedora core 4,works as
    afirewall and asquid caching server...iam sure that my work was right
    and
    the server works fine and caching....but i face aproblem and need
    suggestions?
    it seems the hosts have alot of viruses,so when some hosts work they
    some times get the whole network down and squid gives error
    messages,and some times the network works fine....i wish to solve those
    problems from the linux server instead of cleaning the hosts of windows
    from the viruses.....may this happen? i disabled the icmp from the
    linux box but i think this didn't help....another question
    please....some people say that there are worms made for the private
    networks only so if you work with real ips this will be
    better.......help please and thanks for your help...


  2. Re: help with squid

    In comp.os.linux.security habibielwa7id :
    > dear linux experts,
    > please help? i installed alinux server woks in fedora core 4,works as
    > afirewall and asquid caching server...iam sure that my work was right
    > and
    > the server works fine and caching....but i face aproblem and need
    > suggestions?
    > it seems the hosts have alot of viruses,so when some hosts work they
    > some times get the whole network down and squid gives error
    > messages,and some times the network works fine....i wish to solve those
    > problems from the linux server instead of cleaning the hosts of windows
    > from the viruses.....may this happen?


    This isn't a Linux problem. Best idea would be running Linux on
    all systems, to save you work setup a LTSP (http://www.ltsp.org)
    server.

    If you insist on running doze you need to firstly clean out
    virus/malware from the systems. This includes IE + Outlook, most
    virus/malware targets them, some say they are virus/malware on
    their own.

    Now install firefox/mozilla and use this for surfing + mail, you
    have reduced the risk of new problems in a second about 80-90%.

    There are a few things squid can do for you, like Squidguard and
    Dansguard (see below URL), this needs lots of work and can't
    guarantee anything but you'll have much more success with
    removing IE + Outlook firstly.

    http://www.squid-cache.org/related-software.html

    It doesn't sound as if it would be possible to educate your users
    at all? More like they'd happily click on anything and wonder
    later they did brought down their own system and perhaps the rest
    of your network to a grinding halt.

    Many crap comes as mail, running virus protection + SA
    (SpamAssassin) on your MTA and dropping/rejecting the crap should
    help in addition.

    > i disabled the icmp from the linux box but i think this didn't
    > help....another question please....some people say that there


    Not a good idea to disable icmp messages.

    > are worms made for the private networks only so if you work
    > with real ips this will be better.......help please and thanks
    > for your help...


    Doesn't really matter, as outlined to yourself a big favor and
    remove the No. 1 reason for catching all the crap.

    Good luck

    BTW
    Please read this before posting anything else:

    http://cfaj.freeshell.org/google
    --
    Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
    mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
    #bofh excuse 302: microelectronic Riemannian curved-space
    fault in write-only file system

  3. Re: help with squid

    thanks mr:Michael for your help,i will check the links you mentioned,i
    just reply now to say thanks for your help.


+ Reply to Thread