Hello,
This is a tricky one:
1. Traffic is encrypted, so any attempt to proxy the traffic could be considered a
man-in-the-middle attack.
- Apparently there was an SSL patch, or in a future version of Squid you will be
able to filter / log HTTPS connections.
Right now I am using the following method:
##### CONNECT proto - allow goodsites
acl goodsslsites dstdom_regex "/tmp/ssl_sites"
http_access deny !goodsslsites goodhttps
I have another filter that only allows the CONNECT method on port 443.
In my ssl_sites file is a list of domains that company employees need access to. I
have added in all banks and a few requested sites (once they were verified to be
work related).
This was done to block people from running SSL tunnels over port 443 to gain access to
non-approved work applications.
Then on port 80 only allow HTTP traffic.
Michael.
On Wed, 4 Aug 2004 17:20:15 -0400
"McDonald, Rob" <[EMAIL PROTECTED]> wrote:
>
> I am looking to start caching SSL traffic, so I can make the content conform
> to company HR policies.
>
> There are commercial products that do this.
>
> I was wondering what the Squid crowd was doing for this issue?
>
> Thanks,
> Rob
>
>
>
>
--
Michael Gale
Network Administrator
Utilitran Corporation
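
An added example, not part of the original message: a small Python model of the allowlist rule described in the reply (CONNECT only to port 443, and only to domains matched by the patterns in the ssl_sites file), plus a check for patterns that match more than the intended domain. It assumes Squid applies each dstdom_regex pattern as an unanchored regular-expression search; the sample patterns, host names and function names are constructed for illustration.

```python
import re

# Constructed sample in the style of the ssl_sites file (one pattern per
# line); none of these entries come from the original message.
SAMPLE_PATTERNS = [
    r"bank\.example$",            # anchored at the end only
    r"(^|\.)payroll\.example$",   # the domain itself or any subdomain
    r"supplier.example",          # unanchored, and '.' matches any character
]


def weak_patterns(patterns):
    """Return the patterns that are not anchored at both ends and can
    therefore match host names outside the intended domain."""
    weak = []
    for p in patterns:
        anchored_start = p.startswith("^") or p.startswith(r"(^|\.)")
        anchored_end = p.endswith("$") and not p.endswith(r"\$")
        if not (anchored_start and anchored_end):
            weak.append(p)
    return weak


def connect_allowed(host, port, patterns):
    """Model of the rule: CONNECT is allowed only to port 443 and only when
    the host matches a listed pattern. re.search models the assumed
    unanchored matching of dstdom_regex."""
    if port != 443:
        return False
    host = host.rstrip(".")
    return any(re.search(p, host) for p in patterns)


if __name__ == "__main__":
    for p in weak_patterns(SAMPLE_PATTERNS):
        print("review pattern:", p)
    for host in ("www.payroll.example", "notbank.example",
                 "supplier.example.tunnel.test"):
        print(host, connect_allowed(host, 443, SAMPLE_PATTERNS))
```

Running the check over the allowlist before reloading the proxy shows which entries need the `(^|\.)` prefix and `$` suffix so that only the approved domain and its subdomains pass.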