On Fri, Mar 07, 2003 at 12:25:26AM +0100, Henrik Nordstrom wrote: > You can always use IDS tools like snort and the like to detect such > strange traffic patterns.
But how can snort tell one SSL connection from the other? > If you like this you should in my eye consider investigating having > the feature added to Squid. It is not very much missing from Squid to > be able to provide such https proxy functionality. I would love to add this to my personal (empty so far) wishlist of Squid features. On my mind Squid is a security component and minimize as many security holes as possible. If Squid would offer such a man-in-the-middle feature that would surely mean that users will always get the Squid SSL certificate and won't be sure who is on the other peer. But that would be the best solution IMHO. Christoph -- ~ ~ ".signature" [Modified] 3 lines --100%-- 3,41 All
pgp00000.pgp
Description: PGP signature
