[squid-users] R: Squid 100% CPU and possible attack
Job at colliniconsulting.it
Fri Oct 23 07:41:23 UTC 2015
>>That looks like the side effects of a forwarding loop DoS. Look for the
>>following line in your squid.conf and remove it:
>> via off
I do not have via off in my squid.conf, so i think it is set to on, default value.
Otherwise, i redirect outbount http/80 to the internal 8080 on firewall/squid machine.
It seems from a specific client someone try to pass an exploit to the 8080 port...
What else should i consider?
Thank you again!
More information about the squid-users