Search squid archive

Re: Squid, https , MITM and Antivirus

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Andreas Moroder schrieb:


Hello,
today on our proxy server we have a antivirus between the client and squid. The antivirus listens on 3128 an then passes the packets to squid via 3130. Thats fine with http. The problem is that users access external webmail sites via https and download virus infected files that can not be scanned by the antivirus.
You cannot intercept https communications with squid. This would only be possible after checking the certificates belonging to the connection, decrypting the traffice , inspecting it , caching it and afterwards re-encrypting it. Squid cannot do this, it is a http proxy. Be aware that by allowing https to everywhere you are encountering bigger risks than your attachments only, keyword tunneling the proxy. 

JC
[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux