[squid-users] R: Squid 100% CPU and possible attack

Job Job at colliniconsulting.it
Fri Oct 23 07:41:23 UTC 2015


>>That looks like the side effects of a forwarding loop DoS. Look for the
>>following line in your squid.conf and remove it:

>>  via off

Hello Amos!

I do not have via off in my squid.conf, so i think it is set to on, default value.

Otherwise, i redirect outbount http/80 to the internal 8080 on firewall/squid machine.
It seems from a specific client someone try to pass an exploit to the 8080 port...

What else should i consider?

Thank you again!
Francesco


More information about the squid-users mailing list