Re: [squid-users] Squid 3.2.0.14 beta is available

From: Henrik Nordstr�m <henrik_at_henriknordstrom.net>
Date: Tue, 13 Dec 2011 12:45:37 +0100

tis 2011-12-13 klockan 22:59 +1300 skrev Amos Jeffries:

> Squid has resolved the domain name (www.facebook.com) the client
> (10.0.2.45) was supposedly contacting and determined that the IP
> (66.220.147.33) the packet was going to does not belong to that domain name.
>
> Details about the alert and some things which can be done about it when
> it appears are at
> http://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery

Which can easily happen if the client and Squid is using different DNS
servers as facebook and a number of other sites are responding to DNS
differently based on the source of the DNS query, or even randomly
changing to aid load balancing.

facebook.com is very noticeable here, they have very many server
addresses, but each DNS response contains only one single address.

Regards
Henrik
Received on Tue Dec 13 2011 - 11:45:47 MST

This archive was generated by hypermail 2.2.0 : Tue Dec 13 2011 - 12:00:03 MST