How can I prevent squid from being detected?

linux squid

I've set up a proxy server on AWS in the US in order to allow me to browse the american internet from the UK, however I would like to hide this so that the reverse end cannot detect I am using squid. Is this possible, and if so, how?


You can inhibit X-Forwarded-For with

header_access X-Forwarded-For deny all

in squid.conf

this is all I've required but further headers you may wish to deny are at http://www.christianschenk.org/blog/enhancing-your-privacy-using-squid-and-privoxy/


This is straight from my squid.conf:

#Privacy Things
via off
forwarded_for off
follow_x_forwarded_for deny all

Since version 3.0 you need to build squid from source for these limitations to work with some special flag for './configure'. This is how I build mine:

./configure --enable-http-violations --prefix=/usr --includedir=/usr/include \
  --datadir=/usr/share --bindir=/usr/sbin --libexecdir=/usr/lib/squid        \
  --localstatedir=/var --sysconfdir=/etc/squid --enable-auth="ntlm,basic"    \
  --enable-follow-x-forwarded-for

(CentOS 5.5)


this is my config, now my squid proxy not detected anymore.

#Anonymizing traffic
forwarded_for off
#request_header_access Allow allow all
#request_header_access All allow all

request_header_access X-Forwarded-For deny all
request_header_access Via  deny all

Have you considered setting up a VPN to the AWS instance instead of setting up Squid? Then route traffic through the AWS instance, which would avoid squid and be undetectable. Just throwing it out there. That's exactly how a friend of mine set up a VPS in the UK to access the BBC.


Turn Squid3 headers off

via off
forwarded_for off

request_header_access From deny all
request_header_access Server deny all
request_header_access WWW-Authenticate deny all
request_header_access Link deny all
request_header_access Cache-Control deny all
request_header_access Proxy-Connection deny all
request_header_access X-Cache deny all
request_header_access X-Cache-Lookup deny all
request_header_access Via deny all
request_header_access X-Forwarded-For deny all
request_header_access Pragma deny all
request_header_access Keep-Alive deny all

Related

How do I disable SSLv3 support in Apache Tomcat?
How is DNS lookup order determined?
Rsync seems incompatible with .bashrc (causes "is your shell clean?")
Disable prompts while installing a Debian package
Why don't more organizations use inside-to-inside NAT or similar solutions to allow NAT hairpins?
Is there a Windows equivalent of Unix 'CPU steal time'?
How to find my TeamViewer ID on SSH?
What percentage of nameservers honor TTL these days?
Changing the maximum mail size in Postfix
Will tcpdump see packets that are being dropped by iptables?
Is there a specific name for the ".\" (dot-slash) shorthand used to log onto a Windows machine?
SSL routines:SSL23_WRITE:ssl handshake failure