Am 06.01.21 um 20:37 schrieb Nikolai Lusan:
On Wed, 2021-01-06 at 19:18 +0100, Reindl Harald wrote:
the point of https is to clap on dirty fingers of anyone in the
middle
of the connection, no matter if his intention is good or bad
My initial thinking was that the https port was just being used, and
not that it was actually https traffic, although this seems not to be
the case (verifying would require a deeper dive into the packet stream
than I have time for right now).
if you can distinct the content of https traffic we have a problem
houston
I agree - but it doesn't stop people using port 443 for other data
transmission, for example ssh on port 443 often allows you to bypass
proxies or overly strict firewalls. Just because it's "reservered" as a
port for secure http transmission doesn't mean that's what it's being
used for. I suspected it might be sctp traffic, but again I can't
verify anything with my current time constraints.
don't change the fact that you have no business to mangle around in
encrypted traffic - that's the whole point of encryption
