Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode
On 02/02/18 15:12, Roberto Carna wrote: OK Matus, now I understandbut let me ask one more question: In explicit mode, is it possible that a given person with Squid advanced knowledge can see the plain text of the traffic? Because if this person is the admin of the proxy server, I think it may be a way to read the plain content of the connection user-remote server. Thanks a lot again !!! Unless you are using ssl-bump/peek and splice (which will be show up a warning in the browser if squid's CA in not installed in its list of authorities) the traffic is tunneled through squid still encrypted. You can't see anything but the domain part of the URL. If you are bumping, and have installed CAs into browsers, just, of course it's possible for a proxy admin to see the plaintext. Cheers Alex -- This message is intended only for the addressee and may contain confidential information. Unless you are that person, you may not disclose its contents or use it in any way and are requested to delete the message along with any attachments and notify us immediately. This email is not intended to, nor should it be taken to, constitute advice. The information provided is correct to our knowledge & belief and must not be used as a substitute for obtaining tax, regulatory, investment, legal or any other appropriate advice. "Transact" is operated by Integrated Financial Arrangements Ltd. 29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300. (Registered office: as above; Registered in England and Wales under number: 3727592). Authorised and regulated by the Financial Conduct Authority (entered on the Financial Services Register; no. 190856). ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode
OK Matus, now I understandbut let me ask one more question: In explicit mode, is it possible that a given person with Squid advanced knowledge can see the plain text of the traffic? Because if this person is the admin of the proxy server, I think it may be a way to read the plain content of the connection user-remote server. Thanks a lot again !!! 2018-02-02 12:06 GMT-03:00 Matus UHLAR - fantomas: > On 02.02.18 11:42, Roberto Carna wrote: >> >> Dear, I can't understand an important concept: >> >> I know that in transparent proxy mode, I have to intercept HTTPS >> traffic in order to proxy and filter it. >> >> But I read in the pfSense's Squid help that in explicit mode there is >> no need to intercept the HTTPS traffic in order to proxy and filter >> itwhy is this possible? I think the explicit Squid proxy has to >> intercept traffic in order to porxy and eventually filter it >> >> Please can you explain me this concept? > > > explicit mode is where the client explicitly connect to the proxy and asks > it to CONNECT to the server. There's no need to intercept the connection > because the connection is done to the proxy. > -- > Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ > Warning: I wish NOT to receive e-mail advertising to this address. > Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. > WinError #98652: Operation completed successfully. > ___ > squid-users mailing list > squid-users@lists.squid-cache.org > http://lists.squid-cache.org/listinfo/squid-users ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode
On 02.02.18 11:42, Roberto Carna wrote: Dear, I can't understand an important concept: I know that in transparent proxy mode, I have to intercept HTTPS traffic in order to proxy and filter it. But I read in the pfSense's Squid help that in explicit mode there is no need to intercept the HTTPS traffic in order to proxy and filter itwhy is this possible? I think the explicit Squid proxy has to intercept traffic in order to porxy and eventually filter it Please can you explain me this concept? explicit mode is where the client explicitly connect to the proxy and asks it to CONNECT to the server. There's no need to intercept the connection because the connection is done to the proxy. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. WinError #98652: Operation completed successfully. ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users
[squid-users] I can't understand the SSL connectios interception concept in explicit mode
Dear, I can't understand an important concept: I know that in transparent proxy mode, I have to intercept HTTPS traffic in order to proxy and filter it. But I read in the pfSense's Squid help that in explicit mode there is no need to intercept the HTTPS traffic in order to proxy and filter itwhy is this possible? I think the explicit Squid proxy has to intercept traffic in order to porxy and eventually filter it Please can you explain me this concept? Special thanks ___ squid-users mailing list squid-users@lists.squid-cache.org http://lists.squid-cache.org/listinfo/squid-users