Re: [squid-users] How Bad is CONNECT and Should I Prevent It?

From: Vadim Pushkin <wiskbroom@dont-contact.us>
Date: Tue, 19 Jun 2007 16:53:38 +0000

Thanks JC;

Has anyone on this list ever deployed a third-party tool to do what JC
suggests? I.e. block or limit file transfers, inspect https traffic so as
to block/allow it based on what it is doing?

Thanks all,

.vp

>> My question is if I've opened myself up to an admin nightmare or am I
>>being smart by preventing some really bad stuff into my network?
>Depends on your users necessities; in most firms I suppose there is no
>absolute need to use webmail accounts from inside the company. If you have
>a usage policy denying private use you can happily allow the dozen or so
>needed https connects.
>The only other way would be to analyze -instead of blocking- https traffic,
>but to do that you need a https protocol analyzer. There are commercial
>products that can do just that, plus limiting the traffic over such a
>tunnel - eg. file transfer etc. But this has nothing to do with squid,
>short of making the point that squid cannot read or understand the https
>stream. Sure you are preventing bad stuff, I would just reverse the
>direction - who would notice or prevent the most secret information
>collected by a trojan and transmitted via standard https ? You would not
>even detect it.
>
>JC
>
>
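The "allow the dozen or so needed https connects" approach that JC describes can be expressed directly in squid.conf. The fragment below is an added example and is not from either poster; the domain names are placeholders, and it assumes the rest of the file already contains the usual localhost and localnet rules. It restricts CONNECT to port 443 and to an explicit list of destinations, and denies every other tunnel before the general allow rule is reached.

```conf
# Only the standard TLS port may be tunnelled; blocks CONNECT to arbitrary
# ports (e.g. SSH or mail over a proxy tunnel).
acl SSL_ports port 443
acl CONNECT method CONNECT

# Destinations that the usage policy actually requires. Leading dot matches
# the domain and all its subdomains. Placeholder names, adjust to your site.
acl https_allowed dstdomain .webmail.example.com
acl https_allowed dstdomain .bank.example.com
acl https_allowed dstdomain .vendor-portal.example.net

# Order matters: the first matching http_access line wins.
http_access deny  CONNECT !SSL_ports
http_access deny  CONNECT !https_allowed
http_access allow CONNECT https_allowed

# ... existing rules for plain HTTP (localhost, localnet, deny all) follow.
```

Denied tunnels show up in access.log as CONNECT requests with a TCP_DENIED status, so the list can be reviewed periodically to see which destinations users are trying to reach; that log is also the only visibility squid gives into a tunnel, since, as JC notes, it cannot inspect the encrypted stream itself.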
Received on Tue Jun 19 2007 - 10:53:47 MDT
