From owner-freebsd-isp@FreeBSD.ORG Mon May 19 19:23:39 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5C8D937B401 for ; Mon, 19 May 2003 19:23:39 -0700 (PDT) Received: from visi.gothic.net.au (visi.gothic.net.au [202.182.69.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id 289CE43FA3 for ; Mon, 19 May 2003 19:23:38 -0700 (PDT) (envelope-from sean@gothic.net.au) Received: from localhost (localhost [127.0.0.1]) by visi.gothic.net.au (Postfix) with ESMTP id 2DFD5A6B72; Tue, 20 May 2003 12:23:35 +1000 (EST) Received: from visi.gothic.net.au (visi.gothic.net.au [202.182.69.51]) by visi.gothic.net.au (Postfix) with ESMTP id 4A933A6B43; Tue, 20 May 2003 12:23:31 +1000 (EST) Date: Tue, 20 May 2003 12:23:27 +1000 (EST) From: Sean To: Tom Samplonius In-Reply-To: Message-ID: <20030520122211.J54488@visi.gothic.net.au> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Status: No, hits=-7.9 required=5.0 tests=BAYES_01,EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT, QUOTE_TWICE_1,REFERENCES,REPLY_WITH_QUOTES autolearn=ham version=2.54 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.54 (1.174.2.17-2003-05-11-exp) X-Virus-Scanned: by AMaViS snapshot-20020531 cc: freebsd-isp@freebsd.org Subject: Re: Illegal use of my server?? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 May 2003 02:23:39 -0000 On Mon, 19 May 2003, Tom Samplonius wrote: > > On Mon, 19 May 2003, Joseph T. Klein wrote: > > > The Squid package and port should have a *big* warning sign on them > > about this. > > I know of at least one network that was blacklisted due to the lack of > > tight > > ACLs on Squid. > ... > > The Squid port should probably ship with a default-deny rule. As it already does: 12:21 sean@old [/usr/local/etc/squid] grep ^http_access squid.conf.default http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access deny all > > As far I can see, every IP on the Internet is port scanned at least > several times a day. If you have something that is wide-open, it will be > found very quickly. > > > Tom > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > >