[squid-users] host header forgery false positives
Jason Haar
jason_haar at trimble.com
Tue Feb 16 02:12:33 UTC 2016
On Tue, Feb 16, 2016 at 2:48 AM, Amos Jeffries <squid3 at treenet.co.nz> wrote:
> Thanks for the reminder. I dont recall seeing a bug report being made.
> Though Jason has sent me a more detailed cache.log trace to work with.
>
Yeah - I actually got half-way through putting in a bug report twice - but
ditched it for this and that reason. There's also evidence that this
affects http as well as https. When I was digging through the 2G cache.log
file for the SSL intercept related forgery samples, I found some http
related ones too. I wonder if this is generic to all intercept traffic
instead of https specific?
--
Cheers
Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +1 408 481 8171
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160216/91db7b65/attachment.html>
More information about the squid-users
mailing list