Re: How to block proxing https connection ??

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Piyush,

Piyush Joshi wrote:
> Dear All Expert,
>                          I am new to this list and have a question
> regarding netfilter. We are successfully running netfilter and now we
> are seeing that some users using malicious tools to go to the internet
> by creating https connection to outside proxy and open banned sites,
> Is there any patch for iptables to prevent this ??
> 

Well, considering you cannot inspect the content of an HTTPS connection,
the *best* way to do that is to allow HTTPS connection only to websites
you know and want to authorize.

Your users must use a proxy you control to go on the Internet. Then, you
can just filter HTTPS website using a white list of authorized ones.

Note that, from the Netfilter point of view, HTTP and HTTPS connections
are only seen as TCP connection, no difference is made between them.

Regards,
Julien

> 
> Thanks Regards
> 
> Piyush Joshi
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
begin:vcard
fn:Julien Vehent
n:Vehent;Julien
email;internet:julien@xxxxxxxxxxxxxx
tel;cell:+33 6 23 86 58 73
note;quoted-printable:Linuxwall Root Certificate :=0D=0A=
	http://www.linuxwall.info/files/ca-linuxwall.crt=0D=0A=
	=0D=0A=
	Personal Certificate :=0D=0A=
	http://www.linuxwall.info/files/JulienVehent.pem
x-mozilla-html:FALSE
url:http://www.linuxwall.info
version:2.1
end:vcard

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux