pred2k
April 30th, 2009, 10:08 AM
Hi, I installed the squid proxy on my root-server to give my friends and me a little more browsing anonymity (hiding the private IP address).
Also I set up openvpn with certificates for connecting to the root-server and accessing the proxy.
My changes to the squid.conf are:
http_port 10.8.0.1:3128
Other changes to the config were:
icp_port 0
htcp_port 0
# disabled logging
access_log none
cache_log none
cache_store_log none
# useless because squid only listens on 10.8.0.1, but whatever
acl vpn src 10.8.0.0/255.255.255.0
http_access allow vpn
http_access allow localhost
...
forwarded_for off
...
# hide the proxy
header_access From deny all
header_access Via deny all
header_access Proxy-Connection deny all
header_access X-Forwarded-For deny all
After that, netstat -lp | grep squid shows me:
tcp 0 0 10.8.0.1:3128 *:* LISTEN 30579/(squid)
udp 0 0 *:60628 *:* 30579/(squid)
What the heck is that second UDP port for? The status is not LISTEN like the other, but it is strange that the local address is *.
The port is random; it changes within a range at every proxy restart.
EDIT: OK, I found out that it is used to query DNS if ICP is used. But how to disable it?
ps aux | grep squid
root 30576 0.0 0.0 5080 696 ? Ss 10:20 0:00 /usr/sbin/squid -D -YC
proxy 30579 0.0 0.2 8296 5764 ? S 10:20 0:00 (squid) -D -YC
Why is squid located in an sbin directory and running as root?
What is that process (squid)? Why the brackets?
EDIT: OK, I also found out that processes in () brackets are unprivileged processes. Whatever that means in detail.
Do you have any ideas for securing the proxy or advancing the anonymity?
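
Added example, not part of the original post: a small shell check that reads netstat-style output and reports every squid-owned socket whose local address is not the intended VPN address, which is the check the post performs by eye. The function names and the sshd line in the sample are constructed for illustration; the two squid lines are the ones quoted in the post.

```shell
#!/bin/sh
# Added example (not the poster's code): report squid sockets that are
# bound to anything other than the expected local address.

# Reads `netstat -lpn`-style lines on stdin.
# $1 = the only local address squid is expected to use (10.8.0.1 in the post).
squid_unexpected_binds() {
    awk -v want="$1" '
        # Columns: proto recv-q send-q local foreign [state] pid/program
        $1 ~ /^(tcp|udp)/ && $NF ~ /squid/ {
            addr = $4
            sub(/:[^:]*$/, "", addr)   # drop the trailing :port
            port = $4
            sub(/^.*:/, "", port)      # keep only the port
            if (addr != want)
                printf "%s %s port=%s owner=%s\n", $1, addr, port, $NF
        }
    '
}

# Sample input: the two squid lines from the post plus one constructed
# sshd line to show that other daemons are ignored.
sample_netstat() {
    cat <<'EOF'
tcp 0 0 10.8.0.1:3128 *:* LISTEN 30579/(squid)
udp 0 0 *:60628 *:* 30579/(squid)
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1201/sshd
EOF
}

# Prints: udp * port=60628 owner=30579/(squid)
sample_netstat | squid_unexpected_binds 10.8.0.1
```

On a live host the same function can be fed with `netstat -lpn | squid_unexpected_binds 10.8.0.1`, run as root so the owning process column is filled in.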