Matus UHLAR - fantomas wrote:
On 17.02.08 18:10, Sam Przyswa wrote:
We use Squid and SquidGuard to control webmails access, that work fine,
but for those who use HTTPS protocole Squid/SquidGuard doesn't operate.
Is it a way to control HTTPS as well HTTP trafic ?
no. the HTTPS traffic consists of CONNECT requests where the procy has no
idea what URLs are being retrieved and what requests (GET/POST/...) pass
through it - that is the 's'="secure" in the https.
False. If https traffic goes via Squid, the URL can go to a redirector and
filter based on either
a) domain name
b) connect to the site and verify valid certificate
ufdbGuard does this and successfully blocks SSH tunnels over HTTPS.
Everybody should use ufdbGuard and have one security threat less. It is free!
Marcus
