On 06/07/10 10:33, Malvin Rito wrote:
> Thanks. But how can I implement SSLBump to block port 443 for only specific
> websites such as blocking Proxy Sites which use https?
>
I'm not clear on SSLBump too. It appears to be documented as a feature
for passing HTTPS traffic to an ICAP server for further analysis and
filtering. However, can it also be used within squid.conf for the
non-domain part of a url in things like url regex acls, eg on an https
connection allow or disallow requests containing the word "facebook" or
the like?
>
> If you want to intercept port 443, you should know thatit's called
> man-in-the-middle attack since the traffic is encrypted between browser and
> server. While newest squid supports this by using SSLBump feature, browers
> can detect that you did this because the squid's certificate won't match the
> server name.
>
>
I did not think that was the case - does it not generate certs for the
requested websites on the fly, and if you've installed the CA cert in
the client browser the only difference the user will notice is that the
issuer is different to what they get, say, at home?
Cheers
Alex
Received on Tue Jul 06 2010 - 17:25:40 MDT
This archive was generated by hypermail 2.2.0 : Wed Jul 07 2010 - 12:00:13 MDT