nanog mailing list archives
Re: HTTPS redirects to HTTP for monitoring
From: nanog () jack fr eu org
Date: Sun, 18 Jan 2015 16:24:05 +0100
From my point of view, it is better than violate user privacy & safety.
Sneaky is evil. On 18/01/2015 15:53, Ammar Zuberi wrote:
So your idea is to block every HTTPS website?On 18 Jan 2015, at 6:48 pm, Ca By <cb.list6 () gmail com> wrote:On Sunday, January 18, 2015, Grant Ridder <shortdudey123 () gmail com> wrote: Hi Everyone, I wanted to see what opinions and thoughts were out there. What software, appliances, or services are being used to monitor web traffic for "inappropriate" content on the SSL side of things? personal use? enterprise enterprise? It looks like Websense might do decryption ( http://community.websense.com/forums/t/3146.aspx) while Covenant Eyes does some sort of session hijack to redirect to non-ssl (atleast for Google) ( https://twitter.com/CovenantEyes/status/451382865914105856). Thoughts on having a product that decrypts SSL traffic internally vs one that doesn't allow SSL to start with? -GrantIMHO, it would be better to just block the service and say the encrypted traffic is inconsistent with your policy instead of snooping it and exposing sensitive data to your middle box. These boxes that violate end to end encryption are a great place for hackers to steal the bank and identity info of everyone in your company. That sounds like a lot liablity to put on your shoulders. CB
Current thread:
- HTTPS redirects to HTTP for monitoring Grant Ridder (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring kendrick eastes (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Andy Brezinsky (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Tim Franklin (Jan 20)
- Re: HTTPS redirects to HTTP for monitoring William Herrin (Jan 20)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Ammar Zuberi (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring nanog (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring John R. Levine (Jan 18)
- Message not available
- Re: HTTPS redirects to HTTP for monitoring Larry Sheldon (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring John Levine (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ammar Zuberi (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring William Waites (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Kelly Setzer (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Matt Palmer (Jan 18)
- Re: HTTPS redirects to HTTP for monitoring Damian Menscher (Jan 19)
- Re: HTTPS redirects to HTTP for monitoring Ca By (Jan 18)