
Re: RES: block https requests


On 16.12.08 13:51, Ricardo Augusto de Souza wrote:
>  I AM used to block sites using:
> 
> 
> acl bad_sites dstdomain "/etc/squid/bad_sites.txt"
> 
> http_access deny bad_sites
> 
>   
> 
> With this my users cannot access all domains listed in
> "/etc/squid/bad_sites.txt" using http but they can access using https.

squid does not see what's in https requests, they are encrypted. That's what
the "s" means (secure): only client and server know what's inside, nobody
else.

you can disable CONNECT method to those hosts. You may need to disable
CONNECT to IP addresses.

Or you may do an MITM attack and use sslbump (which means, https won't be
secure anymore for your clients). Clients will detect it - they will see
certificate mismatch (since you won't be able to provide anyone's
certificate but yours)

> How do I solve this?

disable https?
-- 
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Warning: I do NOT want to receive any advertising mail at this address.
Support bacteria - they're the only culture some people have. 
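
Added example, not part of the original message and not Squid's own code: a Python audit that scans Squid native-format access.log lines for CONNECT tunnels to listed domains or to bare IP addresses, the two cases the reply names. The log lines, the domain list and all function names are constructed for illustration, and the leading-dot suffix match is a simplified model of a dstdomain list.

```python
import ipaddress

# Constructed stand-in for a bad_sites.txt-style list.
# Assumption: a leading dot covers the domain and all of its subdomains.
BAD_SITES = [".example-games.test", "chat.example.test"]

# Constructed lines in Squid's native access.log layout:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1229432000.101 250 10.0.0.5 TCP_MISS/200 4120 CONNECT www.example-games.test:443 - DIRECT/192.0.2.10 -
1229432001.202 120 10.0.0.6 TCP_MISS/200 900 GET http://intranet.example.test/ - DIRECT/192.0.2.20 text/html
1229432002.303 310 10.0.0.5 TCP_MISS/200 5310 CONNECT 192.0.2.10:443 - DIRECT/192.0.2.10 -
1229432003.404 180 10.0.0.7 TCP_MISS/200 2200 CONNECT mail.example.test:443 - DIRECT/192.0.2.30 -
1229432004.505 290 10.0.0.8 TCP_MISS/200 3100 CONNECT [2001:db8::10]:443 - DIRECT/2001:db8::10 -
"""

def split_host_port(target):
    # A CONNECT target is 'host:port' or '[v6addr]:port'.
    host, _, port = target.rpartition(":")
    return host.strip("[]").lower().rstrip("."), int(port)

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def in_domain_list(host, entries):
    for entry in (e.lower() for e in entries):
        if entry.startswith("."):
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False

def audit_connects(log_text, bad_sites):
    """Return (client, host, port, reason) for CONNECTs to listed hosts or IPs."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "CONNECT":
            continue
        host, port = split_host_port(fields[6])
        if is_ip_literal(host):
            findings.append((fields[2], host, port, "ip-literal"))
        elif in_domain_list(host, bad_sites):
            findings.append((fields[2], host, port, "bad_sites"))
    return findings
```

Calling audit_connects(SAMPLE_LOG, BAD_SITES) returns the three tunnels a deny rule for listed hosts and for IP addresses would have to cover.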
