LinuxSecurity.com Feature Extras:
Squid and Digest Authentication - Digest AuthenticationDigest Authentication hashes the password before transmitting over the wire. Essentially it sends a message digest generated from multiple items including username, realm and nonce value. If you want to know more see (RFC 2617).
Squid and Basic Authentication - This is perhaps the easiest authentication helper to configure in Squid, but also the most insecure. The biggest problem with Basic is it transmits username and password in clear text, hence very susceptible to network sniffing or man in the middle type attacks. The only reason I'm writing about it is it's a valid authentication mechanism in some limited circumstances. Secondly I want to show you how authentication has evolved over the years.
(Nov 30) | ||
|
||
(Nov 28) | ||
|
||
Exclusive: Millions of printers open to devastating hack attack (Nov 29) | ||
|
||
New Apache Reverse Proxy Issue Uncovered (Nov 28) | ||
|
||
Android glitch allows hackers to bug phone calls (Dec 1) | ||
|
||
(Nov 30) | ||
|
||
Anonymous: 'We hacked cybercop's email' (Nov 28) | ||
|