Re: [squid-users] squid/ftps

From: Matus UHLAR - fantomas <uhlar_at_fantomas.sk>
Date: Thu, 21 Aug 2008 12:22:04 +0200

On 21.08.08 00:30, soltani_at_imad.fr wrote:
> I know that FTPS is not "usual"; by the way, if someone has experience
> proxying FTPS with squid or can explain why we can't do it, thanks for
> your answers

Proxying FTPS, as with any SSL-encrypted protocol, does not have much use.
You can only control who FTPS clients will connect to.

For HTTPS, you can decipher the connection and in fact do a man-in-the-middle
attack by configuring squid so that it behaves as the destination server, but
since you probably will not have its certificates, the client will
(probably) report that.

For FTPS, there's no way, because:
- squid does not support FTP on the server side (you can only talk HTTP to
squid)
- squid does not support FTPS on the client side (I think)

You can configure the client to abuse squid by using a CONNECT request to FTPS
ports, but the only thing you achieve is controlling, on squid's side, where
(IP:port) the clients may connect to...

-- 
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.
Received on Thu Aug 21 2008 - 10:22:08 MDT
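
Added example, not part of the original message and not Squid project configuration: a squid.conf fragment for the one control the reply describes, limiting by destination IP:port where CONNECT tunnels for FTPS may go. The addresses, the client network and the passive data port range are constructed placeholders (assumptions); 990 is the implicit FTPS control port.

```conf
# Constructed example. Place these lines before the generic
# "http_access deny" rules of an existing squid.conf.
# All addresses and the data port range are placeholders (assumptions).

acl CONNECT method CONNECT
acl SSL_ports port 443

# Clients allowed to tunnel FTPS through the proxy
acl ftps_clients src 192.0.2.0/24

# The only FTPS server they may reach. A dst ACL is used because the
# data connections are opened to the IP address the server hands out.
acl ftps_servers dst 203.0.113.10

# Implicit FTPS control channel
acl ftps_ctrl_port port 990

# Passive data ports as configured on that FTPS server (assumed range).
# Squid cannot read the encrypted control channel, so it cannot learn
# the negotiated data port; the whole range has to be listed.
acl ftps_data_ports port 50000-50100

# Weak variant, shown for contrast: adding 990 to SSL_ports lets any
# client tunnel to port 990 on ANY destination.
#   acl SSL_ports port 443 990
#   http_access deny CONNECT !SSL_ports

# Restricted variant: client network + destination IP + port must all match.
http_access allow CONNECT ftps_clients ftps_servers ftps_ctrl_port
http_access allow CONNECT ftps_clients ftps_servers ftps_data_ports

# Every other CONNECT stays limited to the normal SSL ports.
http_access deny CONNECT !SSL_ports
```

Squid still sees only an opaque tunnel here: access.log records the CONNECT target and byte counts, not FTP commands or file names.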
