[squid-users] Squid Behavior to Ping Destination on Registered Ports
Kevin Wong
kevin at coretechx.com
Sat Nov 18 22:37:20 UTC 2017
> Date: Sat, 18 Nov 2017 22:06:31 +0000
> From: Antony Stone <Antony.Stone at squid.open.source.it>
> To: squid-users at lists.squid-cache.org
> Subject: Re: [squid-users] Squid Behavior to Ping Destination on
> Registered Ports
> Message-ID: <201711182206.31894.Antony.Stone at squid.open.source.it>
> Content-Type: Text/Plain; charset="iso-8859-15"
>
> On Saturday 18 November 2017 at 21:21:38, Kevin Wong wrote:
>
> > My firewall (Juniper SRX) caught outbound ICMP flows using vulnerable
> ports
>
> That makes no sense. ICMP doesn't use port numbers.
>
>
That is why I asked the list and was a follow up question if somebody
replied it is "normal traffic to find the path to the destination or
proxies in between".
> > before initiating outbound HTTP traffic. I am running an updated Squid
> > Proxy on Ubuntu 16.04. Can anybody explain or confirm the Squid
> behavior?
>
> What ICMP traffic are you blocking and why?
>
>
Besides some basic IDS rules, I'm not blocking ICMP traffic. What's being
blocked are all ports that are not explicitly allowed outbound. In this
case, ports 1024, 1280, and 1536 were blocked and 80/tcp, 53/udp are
allowed outbound.
>
> Antony.
>
> --
> I bought a book about anti-gravity. The reviews say you can't put it down.
>
> Please reply to the
> list;
> please *don't* CC
> me.
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20171118/b02075a9/attachment.html>
More information about the squid-users
mailing list