Alissa, Be aware that HTTPS is simply a SSL (Secure Sockets Layer) encrypted connection. There may be legitimate applications (i.e. other than shopping over the internet) that may use SSL. The best thing to do would be to discover/enumerate exactly what internet applications the business uses and verify if any of these sites use SSL. Keep in mind that you should test beyond the initial entry page as the site may have both clear and encrypted pages.
For more information on SSL check out http://www.netscape.com/eng/ssl3/ (note: SSLv2 is much more common, but v3 fills holes in v2). Hope that helps... Brian Greppi Systems/Network Engineer Tempest Computers Phone: 412.826.5005 Mobile: 412.417.5875 Find out why companies like Seagate and Cisco choose Tempest Computers for their High-End Server technologies; visit us at www.tempestcomputers.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 10, 2002 8:44 AM To: [EMAIL PROTECTED] Subject: HTTPS Question Hi All, I want to turn off HTTPS to prevent people on the network from shopping at various sites at work. Anyone know of any vulnerability in doing so? Will I kill something else that uses HTTPS that I haven't thought about? Alissa
