Firewall Wizards mailing list archives
Re: Application Proxy/L7 Firewall Recommendation?
From: Carson Gaspar <carson () taltos org>
Date: Thu, 05 Sep 2002 16:20:38 -0400
--On Thursday, September 05, 2002 2:34 PM +0200 Balazs Scheidler <bazsi () balabit hu> wrote:
And yes SSL means that you can peek into decrypted SSL streams. (url filtering in HTTPS, anyone?) You can limit CONNECT, or stack in a decrypting HTTPS proxy within the CONNECT method to avoid instant messengers to go through your firewall.
I'm glad to see that someone finally did this. I'd be interested in how the certificate spoofing is done, and what (if any) performance optimizations (such as spoofed cert caching) have been implemented. I did a design for this back in 1995 or so, but my employers decided not to implement it.
-- Carson _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Application Proxy/L7 Firewall Recommendation? Jeff Newton (Sep 05)
- Re: Application Proxy/L7 Firewall Recommendation? Balazs Scheidler (Sep 05)
- Re: Application Proxy/L7 Firewall Recommendation? John Adams (Sep 05)
- Re: Application Proxy/L7 Firewall Recommendation? Carson Gaspar (Sep 06)
- Re: Application Proxy/L7 Firewall Recommendation? Adam Shostack (Sep 06)
- Re: Application Proxy/L7 Firewall Recommendation? Carson Gaspar (Sep 06)
- Re: Application Proxy/L7 Firewall Recommendation? John Adams (Sep 05)
- Re: Application Proxy/L7 Firewall Recommendation? Balazs Scheidler (Sep 06)
- Re: Application Proxy/L7 Firewall Recommendation? Balazs Scheidler (Sep 05)
- Re: Application Proxy/L7 Firewall Recommendation? Carson Gaspar (Sep 05)
- <Possible follow-ups>
- RE: Application Proxy/L7 Firewall Recommendation? Dawes, Rogan (ZA - Johannesburg) (Sep 05)
- RE: Application Proxy/L7 Firewall Recommendation? Noonan, Wesley (Sep 06)
- RE: Application Proxy/L7 Firewall Recommendation? ark (Sep 09)
- RE: Application Proxy/L7 Firewall Recommendation? Paul D. Robertson (Sep 09)
- Re: Application Proxy/L7 Firewall Recommendation? ark (Sep 09)
- RE: Application Proxy/L7 Firewall Recommendation? Paul D. Robertson (Sep 09)
- RE: Application Proxy/L7 Firewall Recommendation? Noonan, Wesley (Sep 09)
- RE: Application Proxy/L7 Firewall Recommendation? kaptain (Sep 09)
- RE: Application Proxy/L7 Firewall Recommendation? Noonan, Wesley (Sep 10)