LinuxSecurity.com Feature Extras:
Squid and Digest Authentication - Digest AuthenticationDigest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617).
Squid and Basic Authentication - This is perhaps the easiest authentication helper to configure in Squid, but also the most insecure. The biggest problem with Basic is it transmits username and password in clear text, hence very susceptible to network sniffing or man in the middle type attacks. The only reason I'm writing about it is it's a valid authentication mechanism in some limited circumstances. Secondly I want to show you how authentication has evolved over the years.
(Dec 1) | ||
|
||
(Nov 30) | ||
|
||
(Nov 30) | ||
|
||
(Nov 24) | ||
|
||
Mandriva: 2011:179: glibc (Nov 25) | ||
|
||
Mandriva: 2011:178: glibc (Nov 25) | ||
|
||
Red Hat: 2011:1507-01: libarchive: Moderate Advisory (Dec 1) | ||
|
||
Red Hat: 2011:1508-01: cyrus-imapd: Moderate Advisory (Dec 1) | ||
|
||
Red Hat: 2011:1496-01: bind: Important Advisory (Nov 29) | ||
|
||
Red Hat: 2011:1479-01: kernel: Important Advisory (Nov 29) | ||
|
||
Red Hat: 2011:1478-01: java-1.5.0-ibm: Critical Advisory (Nov 24) | ||
|
||
Ubuntu: 1285-1: Linux kernel vulnerabilities (Nov 29) | ||
|
||
Ubuntu: 1283-1: APT vulnerability (Nov 28) | ||
|
||
Ubuntu: 1282-1: Thunderbird vulnerabilities (Nov 28) | ||
|
||
Ubuntu: 1281-1: Linux (OMAP4) vulnerabilities (Nov 24) | ||
|
||
Ubuntu: 1280-1: Linux (OMAP4) vulnerabilities (Nov 24) | ||
|
||
Ubuntu: 1279-1: Linux (Natty backport) vulnerabilities (Nov 24) | ||
|
||
Ubuntu: 1278-1: Linux (Maverick backport) vulnerabilities (Nov 24) | ||
|
||
Ubuntu: 1269-1: Linux kernel (EC2) vulnerabilities (Nov 24) | ||
|