Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode

2018-02-02 Thread Alex Crow 

On 02/02/18 15:12, Roberto Carna wrote:

OK Matus, now I understandbut let me ask one more question:

In explicit mode, is it possible that a given person with Squid
advanced knowledge can see the plain text of the traffic? Because if
this person is the admin of the proxy server, I think it may be a way
to read the plain content of the connection user-remote server.

Thanks a lot again !!!


Unless you are using ssl-bump/peek and splice (which will be show up a 
warning in the browser if squid's CA in not installed in its list of 
authorities) the traffic is tunneled through squid still encrypted. You 
can't see anything but the domain part of the URL.


If you are bumping, and have installed CAs into browsers, just, of 
course it's possible for a proxy admin to see the plaintext.


Cheers

Alex
--
This message is intended only for the addressee and may contain
confidential information. Unless you are that person, you may not
disclose its contents or use it in any way and are requested to delete
the message along with any attachments and notify us immediately.
This email is not intended to, nor should it be taken to, constitute advice.
The information provided is correct to our knowledge & belief and must not
be used as a substitute for obtaining tax, regulatory, investment, legal or
any other appropriate advice.

"Transact" is operated by Integrated Financial Arrangements Ltd.
29 Clement's Lane, London EC4N 7AE. Tel: (020) 7608 4900 Fax: (020) 7608 5300.
(Registered office: as above; Registered in England and Wales under
number: 3727592). Authorised and regulated by the Financial Conduct
Authority (entered on the Financial Services Register; no. 190856).
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode

2018-02-02 Thread Roberto Carna 
OK Matus, now I understandbut let me ask one more question:

In explicit mode, is it possible that a given person with Squid
advanced knowledge can see the plain text of the traffic? Because if
this person is the admin of the proxy server, I think it may be a way
to read the plain content of the connection user-remote server.

Thanks a lot again !!!

2018-02-02 12:06 GMT-03:00 Matus UHLAR - fantomas :
> On 02.02.18 11:42, Roberto Carna wrote:
>>
>> Dear, I can't understand an important concept:
>>
>> I know that in transparent proxy mode, I have to intercept HTTPS
>> traffic in order to proxy and filter it.
>>
>> But I read in the pfSense's Squid help that in explicit mode there is
>> no need to intercept the HTTPS traffic in order to proxy and filter
>> itwhy is this possible? I think the explicit Squid proxy has to
>> intercept traffic in order to porxy and eventually filter it
>>
>> Please can you explain me this concept?
>
>
> explicit mode is where the client explicitly connect to the proxy and asks
> it to CONNECT to the server. There's no need to intercept the connection
> because the connection is done to the proxy.
> --
> Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> WinError #98652: Operation completed successfully.
> ___
> squid-users mailing list
> squid-users@lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

Re: [squid-users] I can't understand the SSL connectios interception concept in explicit mode

2018-02-02 Thread Matus UHLAR - fantomas 

On 02.02.18 11:42, Roberto Carna wrote:

Dear, I can't understand an important concept:

I know that in transparent proxy mode, I have to intercept HTTPS
traffic in order to proxy and filter it.

But I read in the pfSense's Squid help that in explicit mode there is
no need to intercept the HTTPS traffic in order to proxy and filter
itwhy is this possible? I think the explicit Squid proxy has to
intercept traffic in order to porxy and eventually filter it

Please can you explain me this concept?


explicit mode is where the client explicitly connect to the proxy and asks
it to CONNECT to the server. There's no need to intercept the connection
because the connection is done to the proxy.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #98652: Operation completed successfully.
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users

[squid-users] I can't understand the SSL connectios interception concept in explicit mode

2018-02-02 Thread Roberto Carna 
Dear, I can't understand an important concept:

I know that in transparent proxy mode, I have to intercept HTTPS
traffic in order to proxy and filter it.

But I read in the pfSense's Squid help that in explicit mode there is
no need to intercept the HTTPS traffic in order to proxy and filter
itwhy is this possible? I think the explicit Squid proxy has to
intercept traffic in order to porxy and eventually filter it

Please can you explain me this concept?

Special thanks
___
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users