[Nottingham] apache or squid for proxying?
Martin
martin at ml1.co.uk
Wed Oct 14 22:41:44 UTC 2009
Martin wrote:
> Mike Cardwell wrote:
>> Mike Cardwell wrote:
>>
>>>> The difference is this. A java applet can only make a straight tcp
>>>> socket connection to the web server it came from, to prevent obvious
>>>> abuse vectors.
>>>>
>>>> If you have a transparent web proxy, it can connect to any web server it
>>>> chooses.
>>> Here's a description of the issue: https://www.kb.cert.org/vuls/id/435052
Crazy thought... Would a transparent proxy that then works through a
non-transparent proxy defeat that exploit?
PCs -- (lan) --> transparent proxy ----> proxy (& gateway) ----> internet
You then still get the advantage of not having to change any settings on
the PCs already set up on an internal network.
Cheers,
Martin
--
----------------
Martin Lomas
martin at ml1.co.uk
----------------
More information about the Nottingham
mailing list