[unisog] Fantastic browser exploit setting up spam relays

John Stauffacher stauffacher at chapman.edu
Thu Oct 2 19:00:54 GMT 2003


If any of you are forcing your connections through a squid proxy, here is a
config snipped one of my student workers came up with yesterday to compound
the issue. Works quite well...

acl aolfix url_regex aolfix.ex*
http_access deny aolfix

issue /etc/init.d/squid reload


++
John Stauffacher
Network Administrator
Chapman University
stauffacher at chapman.edu
714.628.7249
 
"If the only tool you've got is an axe, every problem looks like fun!"
 
"it's a lot harder to ask permission than forgiveness."
 
"Success is something I will dress for when I get there, and not until."


-----Original Message-----
From: Dax [mailto:dax at resnet.ucsb.edu] 
Sent: Thursday, October 02, 2003 9:04 AM
To: unisog at sans.org
Subject: [unisog] Fantastic browser exploit setting up spam relays

	Mornin' folks-

	I've noticed ~100 or so users here infected with this:

http://www.sarc.com/avcenter/venc/data/trojan.qhosts.html

	Can I get a "Whoa, REDMOND!"?


/Dax




More information about the unisog mailing list