Search squid archive

Re: Blocking SSL Port does not work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 05.07.10 18:24, Malvin Rito wrote:
> I'm trying to block SSL port 443 on my squid server but no luck on several
> tries. My squid Server is running Transparent Mode.

You must block port 443 on your firewall, not on squid.

If you intent to block port 443, it's useless to redirect it to squid.

If you want to intercept port 443, you should know thatit's called
man-in-the-middle attack since the traffic is encrypted between browser and
server. While newest squid supports this by using SSLBump feature, browers
can detect that you did this because the squid's certificate won't match the
server name.

-- 
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.


[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux