-
Write a fake helper for Basic authentication that always returns either OK or ERR . -
Use tcpdump or ethereal to capture some HTTP requests . Decode the authorization credentials. -
If you're using NTLM, capture some HTTP requests and attempt a replay attack. -
Kill Squid's authentication helper processes one-by-one while running tail -f cache.log . -
Find out what happens to your favorite NTLM-based authenticator when it can't communicate with the NT domain controller. |