Leonardo Rodrigues Magalhães wrote:
>
>
> Marcus Kool escreveu:
>> Yes, indeed Squid *does* support P2P using HTTPS tunneling.
> just to make things clear ..... squid supports connection tunneling
> and not only HTTPS tunneling. A misconfigured squid can be used, for
> example, by worms to send spam emails !!! worms can connect to squid
> port (3128) and issues 'CONNECT' to port 25 and it will work !!!
>
> It can tunnel, as it seems to me, any kind of TCP connection and not
> only HTTPS ones.
>
>> You may use the free ufdbGuard Squid redirector to block
>> HTTPS tunneling.
>> ufdbGuard can also block HTTPS sites which have no valid certificate
> VERY VERY BAD idea on the real world :)
This depend on your requirements. There are plenty security officers
who do not want a HTTPS connection to a site with a homemade certificate.
ufdbGuard offers the option to block or not ...
>> and sites which have no FQDN in the URL.
> very GOOD idea :)
>
Received on Wed Jan 23 2008 - 12:57:45 MST
This archive was generated by hypermail pre-2.1.9 : Fri Feb 01 2008 - 12:00:05 MST