Some companies sell products such as this : http://www.symmetrypro.com/FaB.htm that any clueless user can install with the help of 3 mouse clicks on their dektop.
It autodetects proxy settings, creates an HTTP tunnel through corporate proxy to software editor companyserver, so you can read your email from everywhere... and so possibly the editor company or any bad guy having rooted them get easy access to your internal network. Wondering if some people know of some "content-aware" proxies/filters, to attempt to block [some of] those dangerous products (apart from maintaining a black-list...) Certainly, it will always be possible to encapsulate anything in HTML very sharply, but some filtering could be made still? ie, If a HTTP or HTTPS connection takes "too long" it should be dropped by proxy. and many checks could be made by proxy to validate content, which I am not sure are checked by products such as squid? (Maybe even run a browser on the proxy and have it check it is able to display what goes through? sounds a bit freak, doesn't it?) By the way, I am really starting to wonder if running a HTTPS proxy is really reasonable... Vincent .''`. | Vincent Deffontaines : :' : Debian GNU/Linux | Network Administrator `. `~' http://www.debian.org | Council of Europe `- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]