Answer the question
In order to leave comments, you need to log in
N
N
Nikita Bykov2011-08-26 09:26:33
Nikita Bykov, 2011-08-26 09:26:33
About transparent proxying?
Good afternoon!
I am aware that the topic is as old as the world, but there is hope that something has changed. Everyone knows that SQUID does not transparently proxy HTTPS traffic, on the site I found a mention that this is a man-in-the-middle attack, so they refuse to support it. Everything would be fine, but every month the list of what needs to be opened through NAT is growing and growing. My heart feels that in a year or two or three, transparent proxying will have to be abandoned. maintaining huge allowed lists will be stressful. And I use a transparent proxy exclusively for filtering "unwanted" traffic at work. Like many others.
Actually, what is the question: who does what with https in his sponsored network?
3 answer(s)
@smartlight
@bondbig
@EugeneSukhov
S
smartlight, 2011-08-26 @smartlight
I didn’t consider transparent proxying at all, and therefore I don’t have a headache now.
Satisfied users go through 3128 and do not buzz.
S
Sergey, 2011-08-26 @bondbig
Don't use transparent casting, that's all there is to it. The proxy should be on the side, not in the gap.
Well, or buy BlueCoat, for example. They know the same man-in-the-middle.
E
EugeneSukhov, 2011-08-26 @EugeneSukhov
BlueCoat costs good money, MitM for https can be assembled from improvised means, but I think it's easier to put a proxy on the side.
Similar questions
Z
D
K
M
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question