On Fri Nov 19 2004 at 17:17, James Yonan wrote: > While OpenVPN can use TCP port 443 or tunnel over a proxy using the HTTP > CONNECT method, it makes no effort to impersonate the HTTP or HTTPS > protocols.
AFAIK, it can use SSL, just like any HTTPS server. > So any proxy that sanity-checks the HTTP CONNECT clients to make sure they > are talking real HTTPS would be able to block OpenVPN. Most proxies only check the destination port. Some proxies decipher the SSL session and inspect the HTTP content, but they have to encipher the session back to the client, with their own fix certificate (=> warning on the browser) or with a on-the-fly generated certificate. This is an expensive process. _______________________________________________ Nessus mailing list [EMAIL PROTECTED] http://mail.nessus.org/mailman/listinfo/nessus
