Re: Redirect HTTPS with Squid3+Squidguard

To: debian-user@lists.debian.org
Subject: Re: Redirect HTTPS with Squid3+Squidguard
From: Reco <recoverym4n@gmail.com>
Date: Thu, 26 Mar 2015 15:51:50 +0300
Message-id: <[🔎] 20150326155150.246957029666332067526e0a@gmail.com>
In-reply-to: <[🔎] CAPa6PsFt1=c8+6+zdigochknMrgHhWeSofmOpPoo=myeKGT-xw@mail.gmail.com>
References: <[🔎] 550F1FB8.1030309@abwesend.de> <[🔎] jbfpujsrodv8@mids.svenhartge.de> <[🔎] 20150322161031459610300.NoCcsPlease@bob.proulx.com> <[🔎] kbfqc92rodv8@mids.svenhartge.de> <[🔎] trinity-16611559-8bb9-4e79-9f61-9b027df65c5b-1427099581524@3capp-gmx-bs01> <[🔎] slrnmgvmdm.5bu.liam.p.otoole@dipsy.tubbynet> <[🔎] lbfrnnsrodv8@mids.svenhartge.de> <[🔎] 55109358.7080509@abwesend.de> <[🔎] mbfu3k3rodv8@mids.svenhartge.de> <[🔎] 20150324153518514183009.NoCcsPlease@bob.proulx.com> <[🔎] 5513EE85.5060908@abwesend.de> <[🔎] 11bg3gmtrodv8@mids.svenhartge.de> <[🔎] CAPa6PsFt1=c8+6+zdigochknMrgHhWeSofmOpPoo=myeKGT-xw@mail.gmail.com>

 Hi.

On Thu, 26 Mar 2015 13:21:57 +0100
Peter Viskup <skupko.sk@gmail.com> wrote:

> Hi,
> just jumped into SSLBump/Split features some months ago. I don't find these
> features harmful. Especially when protecting your children from access of
> YouTube or other possibly harmful sites. Once you are logged with Google
> account they redirect your communication to https which makes the
> inspection not possible. The Squid's SSLBump/Split (whose name in latest
> version SslPeekAndSplice) is the only feature which will make the
> inspection happen. This means there are still some cases where this feature
> is very helpful and the only one freely available.

If you're considering that spying on your own children is a good idea -
I don't even know what to say. They solve such problems here by
educating children, not limiting their internet access. Besides, if a
child would really want to bypass such access control - he or she will
find a way sooner or later (hint - a cellphone, for instance).

The only good usage of SSL Bump in my book is reverse-engineering
certain proprietary applications.

Recp

Reply to:

Follow-Ups:
- AW: Redirect HTTPS with Squid3+Squidguard
  - From: "Sascha Steinmann (adremes GmbH & Co KG)" <steinmann@adremes.com>

References:
- Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Bob Proulx <bob@proulx.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: linux-michael-i@abwesend.de
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Liam O'Toole <liam.p.otoole@gmail.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Bob Proulx <bob@proulx.com>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: "Michael I." <linux-michael-i@abwesend.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Sven Hartge <sven@svenhartge.de>
- Re: Redirect HTTPS with Squid3+Squidguard
  - From: Peter Viskup <skupko.sk@gmail.com>

Prev by Date: Re: Redirect HTTPS with Squid3+Squidguard
Next by Date: Re: Redirect HTTPS with Squid3+Squidguard
Previous by thread: Re: Redirect HTTPS with Squid3+Squidguard
Next by thread: AW: Redirect HTTPS with Squid3+Squidguard
Index(es):
- Date
- Thread