Bypassing proxies

To: debian-security@lists.debian.org
Subject: Bypassing proxies
From: DEFFONTAINES Vincent <Vincent.DEFFONTAINES@coe.int>
Date: Tue, 19 Nov 2002 14:48:04 +0100
Message-id: <[🔎] 51341B7FA34CD2119FA20008C7289B1C051C1AF9@panoramix.coe.int>

Some companies sell products such as this :
http://www.symmetrypro.com/FaB.htm
that any clueless user can install with the help of 3 mouse clicks on their
dektop.

It autodetects proxy settings, creates an HTTP tunnel through corporate
proxy to software editor companyserver, so you can read your email from
everywhere... and so possibly the editor company or any bad guy having
rooted them get easy access to your internal network.

Wondering if some people know of some "content-aware" proxies/filters, to
attempt to block [some of] those dangerous products (apart from maintaining
a black-list...)

Certainly, it will always be possible to encapsulate anything in HTML very
sharply, but some filtering could be made still? 

ie, If a HTTP or HTTPS connection takes "too long" it should be dropped by
proxy.
and many checks could be made by proxy to validate content, which I am not
sure are checked by products such as squid? 
(Maybe even run a browser on the proxy and have it check it is able to
display what goes through? sounds a bit freak, doesn't it?)

By the way, I am really starting to wonder if running a HTTPS proxy is
really reasonable...

Vincent



 .''`.                            | Vincent Deffontaines
: :'  :   Debian GNU/Linux        | Network Administrator
`. `~'    http://www.debian.org   | Council of Europe
  `-

Reply to:

Follow-Ups:
- Re: Bypassing proxies
  - From: Phillip Hofmeister <plhofmei@zionlth.org>
- Re: Bypassing proxies
  - From: Rolf Kutz <kutz@netcologne.de>

Prev by Date: Debian kernel update?
Next by Date: Re: Bypassing proxies
Previous by thread: Re: Debian kernel update?
Next by thread: Re: Bypassing proxies
Index(es):
- Date
- Thread