[squid-users] [SOLVED] Re: Question about: ext_session_acl Splash/Portal solution.
Amos Jeffries
squid3 at treenet.co.nz
Thu Oct 19 14:27:12 UTC 2017
On 20/10/17 03:09, Klaus Tachtler wrote:
>>
>> The config files I see in that page contains some configuration lines
>> I am trying to get people to stop doing:
>
> I will delete the problematic lines from my configuration example. BUT
> fist I will read the documentation again, to understand what I'm doing.
>
> By the way, I don't use it in my small family production environment, I
> was doing that only for testing an learning, how MITM could be done.
>
Ah, thats part of what I was worried about. These settings make Squid
actively hide problems from both you as admin and the user / clients.
Having almost all the useful error messages hidden does not help you
learning / debugging what is going on.
> I respect the privacy of my family, so I wouldn't use it productively.
>
These settings do not affect privacy. They make Squid stay silent even
if your network and clients are under heavy active attacks by outside
services. They also as a side-effect provide invisibility *to the
attackers* (not to your clients! ouch).
Effectively they do the opposite of what a sane admin wants in todays
environment.
Amos
More information about the squid-users
mailing list