Security concerns with using squidclient from a host separate from the server

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Security concerns with using squidclient from a host separate from the server

Tom Karches
Are there any security concerns with running squidclient anywhere except on the local host? I have been told that squidclient "exposes a lot of data". Is that because transactions are passed over an insecure connection? If so, is there a workaround that solves this problem?

Tom

--
Thomas Karches
NCSU OIT CSI - Systems Specialist
M.E Student - Technology Education
Hillsborough 319 / 919.515.5508



_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users
Reply | Threaded
Open this post in threaded view
|

Re: Security concerns with using squidclient from a host separate from the server

Amos Jeffries
Administrator
On 10/12/19 9:08 am, Tom Karches wrote:
> Are there any security concerns with running squidclient anywhere except
> on the local host?

No more than with any HTTP software. Less than some.


> I have been told that squidclient "exposes a lot of
> data". Is that because transactions are passed over an insecure
> connection? If so, is there a workaround that solves this problem?
>

Depends on what you consider exposure. Of what? to whom? and how?

squidclient prints the HTTP response headers and payload to its stdout.
How that info was received is up to the server/proxy being connected to.

Amos
_______________________________________________
squid-users mailing list
[hidden email]
http://lists.squid-cache.org/listinfo/squid-users