Re: I was wondering about SSL\socks support from squid side?

From: Henrik Nordström <henrik_at_henriknordstrom.net>
Date: Thu, 13 Jun 2013 01:44:12 +0200

tor 2013-06-13 klockan 02:18 +0300 skrev Eliezer Croitoru:
> I have seen the wiki:
> http://wiki.squid-cache.org/Features/Socks

Nothing implemented. And have not been given any priority as it's not
HTTP related.

> and was wondering about it very much!
> I have a situation that I have access to SSL ports only which are being
> detected by NDPI(Deep Inspection) or similar mechanism.

Deep inspection as in that they look that there is actually SSL taking
place, or that they decrypt the SSL to inspect what's inside?

> I want to access my local network resources such as files and other data
> on a secure channel that is not:
> 1. SSH port forwarding\tunneling.
> 2. VPN
> 3. Layer 2 secure channels.

So publish them using https service, with appropriate access controls.

> I first want to ask for the existing working options that you might know of.
> The main issue about it that most of the natted(super multi nantted like
> a government) complex networks doesn't allow the usage of any tunneling
> protocol that can allow network level routing.

Yes... and please don't try to bypass security policies.

> The situation is a school which has a filtering solution and we want to
> "exploit" in order to give them transparent support.

Not sure what you mean by exploit or transparent here.

> This school have a lots of sensitive data which we don't want the third
> party which is reliable for filtering but not security to be aware of.

I do not quite follow.. who want to provide access to whom?

Do the school want to provide outside access to internal data while
being behind a multi-level-NAT network with deep packet inspection? Or
do you want to access your data while being within such messed up
network?

Regards
Henrik
Received on Wed Jun 12 2013 - 23:44:18 MDT

This archive was generated by hypermail 2.2.0 : Thu Jun 13 2013 - 12:01:30 MDT