Re: man-in-the-middle

To: debian-firewall@lists.debian.org
Subject: Re: man-in-the-middle
From: rsnyder@toontown.erial.nj.us (Bob Snyder)
Date: Thu, 7 Oct 2004 08:47:17 -0400
Message-id: <[🔎] 20041007124717.GB13797@toontown.erial.nj.us>
In-reply-to: <[🔎] 20041007123752.40366.qmail@web11906.mail.yahoo.com>
References: <[🔎] 200410080751.51939.cullanthony@iprimus.com.au> <[🔎] 20041007123752.40366.qmail@web11906.mail.yahoo.com>

On Thu, Oct 07, 2004 at 05:37:52AM -0700, Mike Mestnik wrote:

> Sorry, squid uses NFS for remote storage.  This is not like being an NFS
> server, that a client could connect to.  Since there is no way for a
> client to connect, how would squid know it should connect to a server if
> it even could?  If there's a patch or hack, I don't think debian will be
> shiping it in the squid package.

Squid (or most any other https proxy) can usually be set up to tunnel
aribitrary TCP streams, assuming it allows users to specify port
numbers, like https://www.example.com:4000/

The only thing needed is to send the appropriate CONNECT string after
the connect to squid is opened. After the CONNECT string, squid just
passes bytes back and forth.

I'm not sure I understand the original problem...  Two hosts configured
to be on seperate subnets but on the same wire? Two hosts with some kind
of layer 2 device blocking connectivity between them but on the same
subnet?

Bob

Reply to:

Follow-Ups:
- Re: man-in-the-middle
  - From: Mike Mestnik <cheako911@yahoo.com>

References:
- Re: man-in-the-middle
  - From: Lord-Storm <cullanthony@iprimus.com.au>
- Re: man-in-the-middle
  - From: Mike Mestnik <cheako911@yahoo.com>

Prev by Date: Re: man-in-the-middle
Next by Date: Re: man-in-the-middle
Previous by thread: Re: man-in-the-middle
Next by thread: Re: man-in-the-middle
Index(es):
- Date
- Thread