RE: Bypassing proxies

To: debian-security@lists.debian.org
Subject: RE: Bypassing proxies
From: DEFFONTAINES Vincent <Vincent.DEFFONTAINES@coe.int>
Date: Tue, 19 Nov 2002 16:59:08 +0100
Message-id: <[🔎] 51341B7FA34CD2119FA20008C7289B1C051C1AFC@panoramix.coe.int>

> 
> > Wondering if some people know of some "content-aware" 
> proxies/filters, to
> > attempt to block [some of] those dangerous products (apart 
> from maintaining
> > a black-list...)
> 
> Since the traffic is encrypted, content filtering
> will not trigger. 
> 

Thats true for HTTPS, not HTTP.
And still, encrypted traffic could be filtered based on other criterias than
content analysis.


> > Certainly, it will always be possible to encapsulate 
> anything in HTML very
> > sharply, but some filtering could be made still? 
> 
> If you allow traffic between the client and the
> Internet at all, tunneling will always be
> possible.

Indeed. But i believe some things could be filtered in some cases, and are
not.

> 
> > (Maybe even run a browser on the proxy and have it check it 
> is able to
> > display what goes through? sounds a bit freak, doesn't it?)
> 
> Why do you allow people to install software on the
> clients, if you don't trust them.
> 

people do what they please.
my job is [to try] to keep the network secure, in spite of users installing
whatever.


> - rk
> 
> -- 
> These wheels are for inline skates only, unless you are stupid.
> Aggressive skating can be dangerous and hazardous to your health. 
> If you get hurt, you are doing it wrong.
> 

>

Reply to:

Follow-Ups:
- Re: Bypassing proxies
  - From: Rolf Kutz <kutz@netcologne.de>
- Re: Bypassing proxies
  - From: Phillip Hofmeister <plhofmei@zionlth.org>

Prev by Date: RE:
Next by Date: Re: [SECURITY] [DSA 187-1] New Apache packages fix several vulnerabilities
Previous by thread: RE: Bypassing proxies
Next by thread: Re: Bypassing proxies
Index(es):
- Date
- Thread