Matus UHLAR - fantomas wrote:
> On 17.02.08 18:10, Sam Przyswa wrote:
>> We use Squid and SquidGuard to control webmails access, that work fine,
>> but for those who use HTTPS protocole Squid/SquidGuard doesn't operate.
>> Is it a way to control HTTPS as well HTTP trafic ?
>
> no. the HTTPS traffic consists of CONNECT requests where the procy has no
> idea what URLs are being retrieved and what requests (GET/POST/...) pass
> through it - that is the 's'="secure" in the https.
False. If https traffic goes via Squid, the URL can go to a redirector and
filter based on either
a) domain name
b) connect to the site and verify valid certificate
ufdbGuard does this and successfully blocks SSH tunnels over HTTPS.
Everybody should use ufdbGuard and have one security threat less. It is free!
Marcus
Received on Tue Feb 19 2008 - 11:38:56 MST
This archive was generated by hypermail pre-2.1.9 : Sat Mar 01 2008 - 12:00:05 MST