Write a fake helper for Basic authentication that always returns either OK or ERR .
Use tcpdump or ethereal to capture some HTTP requests . Decode the authorization credentials.
If you're using NTLM, capture some HTTP requests and attempt a replay attack.
Kill Squid's authentication helper processes one-by-one while running tail -f cache.log .
Find out what happens to your favorite NTLM-based authenticator when it can't communicate with the NT domain controller.