Is it possible to log the bytes in and out of a connection made with the CONNECT method. ? I am looking at identifying users misusing the SSL connection as a "remote access" solution and was wondering if byte in/byte out ratios could be used to identify the misuse without decrypting the session. Are there other known ways besides IP-address/hostname blacklisting to identify HTTPS tunnels ? Thank you Markus
