RE: filter ssl traffic

["Burton M. Strauss III" <BStrauss () acm org>]

What you might want to do is create an ssl proxy. Then users create an ssl
connection to the proxy and the proxy creates a connection to the remote
site.  That gives the proxy machine visibility of the unencrypted data.

Don't know if such a beast exists as freeware - search the web for
'transparent ssl proxy' - you'll find some interesting reading and a
commercial product or two that might meet your needs.


-----Burton

-----Original Message-----
From: Vladimir B. Kropotov [mailto:slyman2000 () mail ru]
Sent: Monday, November 24, 2003 12:40 AM
To: zidan; security-basics () securityfocus com
Subject: Re: filter ssl traffic



----- Original Message -----
From: "zidan" <zidan00 () fastmail fm>
To: <security-basics () securityfocus com>
Sent: Monday, November 17, 2003 1:21 PM
Subject: filter ssl traffic


> Hello,
> I use squid with viruswall and it works great, but I also wish to filter
> ssl traffic.
> I wish to check ssl traffic both on url and antivirus check.

Yeah I know how to this on W2k. M.b. I'll write SSL Sniffer.
Basically there are two ways:
- You MUST know the keys  OR
- you must intercept traffic when it already decrypted.

Regards
Vladimir B. Kropotov


---------------------------------------------------------------------------
----------------------------------------------------------------------------


---------------------------------------------------------------------------
----------------------------------------------------------------------------