Questions tagged [squid]

Squid is a caching proxy server.

18 questions
4
votes
3 answers

Is SSL Interception possible without disabling Public Key Pinning on the client side?

I'm currently setting up a pfSense firewall in my lab. It supports SSL Inception which works pretty well for most sites. But there are some sites which use HTTP Public Key Pinning to prevent MitM attacks and this is a real pain because the systems…
davidb
  • 4,285
  • 3
  • 19
  • 31
3
votes
1 answer

how to check what process connects to my squid

I found today, that I have open proxy (squid on Debian). I fixed the firewall rule, and now I'm not. But someone still uses this proxy - it looks like it is proxying from inside my machine. I try to find which process is using my proxy. I have…
1
vote
0 answers

VPS for Tor & I2P - which other services can I safely run on same?

I'm toying with the idea of setting-up a Tor node (middle/guard) and an I2P node on the same VPS. I think that should be safe(ish)... But I'm wondering what other services I could run without it/them compremising Tor/I2P or vice versa. Obviously I…
Baard Kopperud
  • 747
  • 8
  • 18
1
vote
0 answers

Certificate Checking for MITM w/ Squid

I have already set up a squid cache proxy server on a Raspberry Pi 4. I need to create some sort of GUI to turn on and off certificate checking for man in the middle attacks. First, how do I get squid to do this certificate checking, or do I need…
LtMuffin
  • 442
  • 4
  • 12
1
vote
1 answer

How to make Squid Proxy undetectable by ip-check.net?

I have setup squid proxy on a CentOs server where I set forwarded_for to delete and denied request headers on the /etc/squid/squid.conf file. However, whilst connected to the proxy, if I visit http://ip-check.net/detect-proxy.php it still detects…
Oussama
  • 11
  • 1
1
vote
0 answers

Transparent proxy with certificate check

I need to filter HTTPS traffic based on the certificate of the destination server. Only traffic to servers which have a certain certificate should be allowed, other traffic needs to be blocked. The proxy must be transparent. How can this be…
MarcJ
  • 11
  • 2
1
vote
2 answers

Monitor HTTP requests in a TLS transaction

I want to know if there is a way to monitor the size and time taken for an HTTP request in a TLS transaction using a proxy or other network traffic inspection tool. Note that I do not want to inspect the content of request or response. However, I…
user1743182
  • 33
  • 1
  • 4
1
vote
1 answer

HSTS implemented but not working?

While being connected on a very restricted network, I was only able to access the internet through a Squid proxy which was configured only for HTTP on port 80. When navigating to google.com, I'm able to receive the site yet with no SSL on. I checked…
1
vote
0 answers

Making My Cache Work and Not Theirs: Blacklist for Blocking Caching Sites with Squidguard?

Is there a Squid Guard blacklist (assuming SSL decryption and inspection) that will block caching websites like Google Cache, Google Translate, and the Internet Wayback Machine?
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
1 answer

Is it possible to lock down the http / https proxy settings on a Windows Phone?

Is there any way to lock down the proxy settings on a Windows Phone so that they can't be changed by anyone but the person with the password?
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
1 answer

Is it possible to lock down the http / https proxy settings on an Android phone?

Is there any way to lock down the proxy settings on an Android Phone so that they can't be changed by anyone but the person with the password?
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
1 answer

Is it possible to lock down the http / https proxy settings on an iPhone?

Is there any way to lock down the proxy settings on an iPhone so that they can't be changed by anyone but the person with the password?
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
1 answer

Is it possible to filter internet access on a mobile phone with a 3/4G connection with a proxy server?

If you were to put a pfSense Squid Proxy Server with Squid Guardian on a DMZ and then point a cellphone with a 3/4G connection at it for SSL and HTTP with a self-signed CA certificate installed on it; assuming you have control of the phone, would it…
leeand00
  • 1,297
  • 1
  • 13
  • 21
1
vote
1 answer

Computers connecting to suspicious websites via squid proxy

I am running a squid proxy server on my network which my computers connect through to access the internet. I have noticed several odd entries in the squid access.log file around the same time everyday, where it appears that some of my computers are…
synthesis
  • 155
  • 1
  • 1
  • 15
0
votes
0 answers

Help with Successfully Accessing Citrix Netscaler Login Interface with Burp via squid proxy

I'm conducting an external penetration test. I have several Cisco VPNs and a Citrix Netscaler Gateway VPN. I'm trying to configure Portsigger's Burp to connect to my testing platform (Digital Ocean Ubuntu box with Squid) and then to the client's…
5lb Bass
  • 111
  • 2
1
2