Andreas Moroder schrieb:
Hello,
today on our proxy server we have a antivirus between the client and
squid. The antivirus listens on 3128 an then passes the packets to
squid via 3130. Thats fine with http. The problem is that users access
external webmail sites via https and download virus infected files
that can not be scanned by the antivirus.
You cannot intercept https communications with squid. This would only be
possible after checking the certificates belonging to the connection,
decrypting the traffice , inspecting it , caching it and afterwards
re-encrypting it. Squid cannot do this, it is a http proxy.
Be aware that by allowing https to everywhere you are encountering
bigger risks than your attachments only, keyword tunneling the proxy.
JC
- Re: [squid-users] Squid, https , MITM and Antivirus Jakob Curdes
-
