On 4/21/05, Peter N. M. Hansteen <[EMAIL PROTECTED]> wrote:
> alex wilkinson <[EMAIL PROTECTED]> writes:
> 
> > Is it possible to detect users tunneling out over HTTPS i.e through a 
> > firewall.
> > e.g. users using something like corkscrew ssh over a HTTPS tunnel.
> 
> Possible? Yes, with some qualification.
> 
> Available out of the box with default PF config? No.
> 
> You could for example set up a pf rule to redirect https traffic to a
> content analyzer of your choice, with smart pattern matching software
> which runs on something with lots and lots of processing power, before
> letting the traffic pass on to wherever it was going in the first
> place.  The effort involved would be non-trivial to say the least.


Is it possible to disguise this behaviour ? From a client perspective.

 - aW

Reply via email to