[squid-users] Looking for additional information about securing squid

[Antony Stone]

On Tuesday 13 December 2016 at 23:44:12, Steve Becker wrote:

> Hi all,

Hi.

> My background's in networking, I'm very new to unix/linux and server
> administration, I don't know a whole lot about security beyond ACLs and
> setting up crypto for VPNs.
>
> I'm setting up a box at home with CentOS and squid,

> I know web servers are vulnerable to certain kinds of attacks, some of
> which could escalate user privileges or dump data people shouldn't have
> access to. Is squid, as a proxy server, I'm vulnerable to some of these
> kinds of attacks?  I'll be limiting squid to only accept traffic from my
> LAN but you still never know.  A guest might use my network with an
> infected device, etc.

First question - what are you aiming / hoping to achieve by implementing 
Squid?

Second question - do you really give guests full access to your home network, 
rather than just "a gateway to the Internet with no visibility of my private 
machines"?


Antony.

-- 
I wasn't sure about having a beard at first, but then it grew on me.

                                                   Please reply to the list;
                                                         please *don't* CC me.