Meanwhile, Henrik Nordstrom says:
|
| Sure, SSL can technically be "intercepted", but it won't tell you much
| except that the client on IP X wants to talk to an https server on IP Y
| (not even the requested domainname is known). As said the SSL traffic is
| all encrypted so there is no way of telling what is being done over the
| SSL channel other than that there is some kinds of traffic flowing
| between the browser and the server.
Right. Since I cannot check the content, nor cache it, the best
I can do is log the request.
However, I'm leaning toward using the Automatic proxy
configuration (ie, use a proxy.pac) and redirecting and HTTPS
requests to our VirusWall where it will be logged, such that we
have a record of the attempt. That way I can at least
back-track if necessary (forensically speaking).
More to learn...like, how does it translate to a proxy.pac script the
setting in Netscape, where the Manual Proxy Configuration for
"Security:" is set to the virus wall port to which it is listening?
Time to comb the archives again...
Thanks,
deb
Received on Fri Oct 05 2001 - 17:22:46 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 17:02:37 MST