[squid-users] Inbound authenticated HTTPS

From: Neale Pickett <neale@dont-contact.us>
Date: Thu, 31 Aug 2006 14:08:48 -0600

I'm investigating using squid with ICAP to authenticate inbound HTTPS
connections. Basically, we'd want to run squid as part of a
man-in-the-middle attack against our own web servers.

To do this we need to run as a transparent proxy and be able to present a
wildcard SSL certificate for our domain, negotiate SSL, then send the HTTP
request header off to an ICAP server that checks for our magic cookie; if not
present, the client will be redirected to an authentication page; if present,
traffic would be passed. We would also need to establish an SSL connection
to the real server, posing as the client.

Can squid do this?

If not, would it be difficult to hook custom code into squid's input and
output mechanisms to do the kooky SSL tricks detailed above? I'd like to
avoid doing Linux iptables tricks, if possible.

Thanks in advance for any guidance,

Neale Pickett
CTN-5 Network Engineering
Los Alamos National Laboratory
Received on Thu Aug 31 2006 - 14:09:01 MDT
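
The ICAP side of the design described in the message above, as an added example that is not part of the original post and is not Squid code: a REQMOD decision function (ICAP, RFC 3507) that passes requests carrying a valid cookie and answers everything else with a redirect to the authentication page. The cookie name, the HMAC-signed cookie format, the key, the ISTag value and the URLs are assumptions; the post only says the ICAP server checks for a cookie.

```python
import hashlib
import hmac
from http.cookies import CookieError, SimpleCookie

# Assumed values for illustration; the post names none of them.
COOKIE_NAME = "authgate"                     # hypothetical cookie name
AUTH_URL = "https://auth.example.org/login"  # placeholder authentication page
KEY = b"constructed-demo-key"                # placeholder signing key

def sign(user: str) -> str:
    """Assumed cookie format: user.hexmac, so a made-up value fails the check."""
    return user + "." + hmac.new(KEY, user.encode(), hashlib.sha256).hexdigest()

def cookie_ok(http_headers: str) -> bool:
    """True if any Cookie header carries a correctly signed COOKIE_NAME."""
    for line in http_headers.split("\r\n")[1:]:   # [0] is the request line
        name, _, value = line.partition(":")
        if name.strip().lower() != "cookie":
            continue
        try:
            morsel = SimpleCookie(value.strip()).get(COOKIE_NAME)
        except CookieError:
            continue
        token = morsel.value if morsel is not None else ""
        user = token.rpartition(".")[0]
        if user and hmac.compare_digest(sign(user).encode(), token.encode()):
            return True
    return False

def reqmod(icap_request: bytes) -> bytes:
    """Build the ICAP response for one REQMOD message."""
    icap_head, _, encapsulated = icap_request.partition(b"\r\n\r\n")
    if not icap_head.startswith(b"REQMOD "):
        return b'ICAP/1.0 405 Method Not Allowed\r\nISTag: "demo-1"\r\n\r\n'
    http_headers = encapsulated.split(b"\r\n\r\n")[0].decode("latin-1")
    if cookie_ok(http_headers):
        # 204 = forward unmodified (valid when the ICAP client sent Allow: 204).
        return b'ICAP/1.0 204 No Content\r\nISTag: "demo-1"\r\n\r\n'
    redirect = f"HTTP/1.1 302 Found\r\nLocation: {AUTH_URL}\r\nContent-Length: 0\r\n\r\n"
    return ('ICAP/1.0 200 OK\r\nISTag: "demo-1"\r\n'
            f"Encapsulated: res-hdr=0, null-body={len(redirect)}\r\n\r\n"
            f"{redirect}").encode()

def sample(cookie: str) -> bytes:
    """Constructed REQMOD message wrapping a GET with the given Cookie header."""
    http = f"GET /reports HTTP/1.1\r\nHost: www.example.org\r\nCookie: {cookie}\r\n\r\n"
    return ("REQMOD icap://127.0.0.1/authgate ICAP/1.0\r\nHost: 127.0.0.1\r\n"
            f"Allow: 204\r\nEncapsulated: req-hdr=0, null-body={len(http)}\r\n\r\n"
            f"{http}").encode()
```

Checking the signature rather than mere presence of the cookie means a client cannot pass the gate by sending an arbitrary value under the right name.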
