I tested against a server that I do not have access to the config
file, but I did some tests in a new installation of Squid and the acl
that allows CONNECT only in the SSL_PORTS works well for the CONNECT
to GET translation attack, because the CONNECT method will not work
for port 80. But the m...
I tested against a server that I do not have access to the config
file, but I did some tests in a new installation of Squid and the acl
that allows CONNECT only in the SSL_PORTS works well for the CONNECT
to GET translation attack, because the CONNECT method will not work
for port 80. But the m...
[ more ]