Hi,
my company are going to buy Websense web security suite.
It seems to be able to decrypt and check contents in ssl tunnel.
Is it really important to do this to prevent malicius code or dangerous
threat?
Thanks and regards.
Ivan
On Wed, 30 Sep 2009 14:58:08 +0200, Ivan.Galli_at_aciglobal.it wrote:
Hi, i have a question about https traffic content.
There is some way to check what pass through ssl tunnel?
Can squidguard or any other programs help me?
The 'S' in HTTPS means Secure or SSL encrypted.
Why do you want to do this?
Depends on the type of service environment are you working with...
* ISP-like where 'random' people use the proxy?
- dont bother. This is a one-way road to serious trouble.
* reverse-proxy where you own or manage the HTTPS website itself?
- use https_port and decrypt as things enter Squid. Re-encrypt if needed
to
the peer.
* Enterprise setup where you have full control of the workstation
configuration?
- use Squid-3.1 and SslBump. Push out settings to all workstations to
trust
the local proxy keys (required).
Amos
Ivan
