Re: [squid-users] Security bug in squid LDAP authentication

From: Henrik Nordstrom <[email protected]>
Date: Wed, 21 Apr 2004 18:18:59 +0200 (CEST)

On Wed, 21 Apr 2004 ashish.uchil@tcs.com wrote:

> I am using squid with LDAP modules to authenticate to various Win 2k ADS .
> Each user gets a pop up dialogue box to authenticate himself each time he
> tries to browse the internet.

Yes.

> If passwords are saved in browsers they get saved in the registry and is
> easily hackable.

Only if you are using a weak Windows version..

> Thus if anyone could suggest any method by which i can directly pass on my
> Windows logon credentials to Squid server.

NTLM authentication. See winbind in the Squid FAQ for details.

Regards
Henrik
Received on Wed Apr 21 2004 - 10:19:06 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Apr 30 2004 - 12:00:02 MDT