From owner-freebsd-isp@FreeBSD.ORG  Mon May 19 19:23:39 2003
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5C8D937B401
	for <freebsd-isp@freebsd.org>; Mon, 19 May 2003 19:23:39 -0700 (PDT)
Received: from visi.gothic.net.au (visi.gothic.net.au [202.182.69.51])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 289CE43FA3
	for <freebsd-isp@freebsd.org>; Mon, 19 May 2003 19:23:38 -0700 (PDT)
	(envelope-from sean@gothic.net.au)
Received: from localhost (localhost [127.0.0.1])
	by visi.gothic.net.au (Postfix) with ESMTP
	id 2DFD5A6B72; Tue, 20 May 2003 12:23:35 +1000 (EST)
Received: from visi.gothic.net.au (visi.gothic.net.au [202.182.69.51])
	by visi.gothic.net.au (Postfix) with ESMTP
	id 4A933A6B43; Tue, 20 May 2003 12:23:31 +1000 (EST)
Date: Tue, 20 May 2003 12:23:27 +1000 (EST)
From: Sean <sean@gothic.net.au>
To: Tom Samplonius <tom@sdf.com>
In-Reply-To: <Pine.BSF.4.05.10305191637460.2996-100000@misery.sdf.com>
Message-ID: <20030520122211.J54488@visi.gothic.net.au>
References: <Pine.BSF.4.05.10305191637460.2996-100000@misery.sdf.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
X-Spam-Status: No, hits=-7.9 required=5.0
	tests=BAYES_01,EMAIL_ATTRIBUTION,IN_REP_TO,QUOTED_EMAIL_TEXT,
	      QUOTE_TWICE_1,REFERENCES,REPLY_WITH_QUOTES
	autolearn=ham version=2.54
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.54 (1.174.2.17-2003-05-11-exp)
X-Virus-Scanned: by AMaViS snapshot-20020531
cc: freebsd-isp@freebsd.org
Subject: Re: Illegal use of my server??
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 20 May 2003 02:23:39 -0000

On Mon, 19 May 2003, Tom Samplonius wrote:

>
> On Mon, 19 May 2003, Joseph T. Klein wrote:
>
> > The Squid package and port should have a *big* warning sign on them
> > about this.
> > I know of at least one network that was blacklisted due to the lack of
> > tight
> > ACLs on Squid.
> ...
>
>   The Squid port should probably ship with a default-deny rule.

As it already does:

12:21 sean@old [/usr/local/etc/squid] grep ^http_access squid.conf.default
http_access allow manager localhost
http_access deny manager
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access deny all


>
>   As far I can see, every IP on the Internet is port scanned at least
> several times a day.  If you have something that is wide-open, it will be
> found very quickly.
>
>
> Tom
>
> _______________________________________________
> freebsd-isp@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-isp
> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org"
>
>