Preventing saturation by limiting the number or source of conenctions
Brought to you by:
mavey
Is there a way to limit the number of connections that CNTLM allows at any one time ?
I am receiving the following failure from a secutrity scan -
"The proxy allows the users to perform repeated CONNECT requests to itself.
This allow anybody to saturate the proxy CPU, memory or file descriptors.
Note that if the proxy limits the number of connections
from a single IP (e.g. acl maxconn with Squid), it is
** protected against saturation and you may ignore this alert."
Is there a way to emulatae Squid with a maxconn setting ?