Security Basics mailing list archives
RE: blocking https
From: Mike Fetherston <mike_sha () shaw ca>
Date: Thu, 08 Dec 2005 10:38:44 -0500
Yes, thank you Jim! I seemed to have "filtered" out (pun intended) that the OP had mentioned Squid. I just naturally fell into thinking about this at the packet/firewall level. I totally agree that a proxy would be better suited to handle restricting https access to specific websites. I believe the latest version of Squid (3.0) can filter on HTTPS requests.

Mike Fetherston
-----Original Message-----
From: jim () openanswers co uk [mailto:jim () openanswers co uk]
Sent: Thursday, December 08, 2005 10:16 AM
To: Mike Fetherston
Cc: muruganandam_c () sifycorp com; security-basics () securityfocus com
Subject: RE: blocking https

> Blocking all would be a simple matter of closing outbound connections to port 443. If you want to block specific https sites you would have to pair up port 443 with that site's ip address. The tricky part comes in when sites use caching (Akamai) or round robin dns.
>
> Mike Fetherston

A better solution would be to pass all outgoing requests through a web proxy. Most decent web proxies will allow rules to be set up based on hostnames, avoiding the issue of matching IP addresses to the sites in question.

Regards,
Jim Halfpenny
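The contrast discussed in this thread, as an added example that is not part of either message: an IP:443 rule loses track of a site whose DNS answers rotate, while a proxy rule keyed on the hostname in the CONNECT request line keeps matching. The hostnames and addresses are constructed (reserved example and documentation ranges), the function names are hypothetical, and the code models the policy decision only, not Squid's own implementation.

```python
# Constructed sample policy: reserved example domain and RFC 5737 documentation IPs.
BLOCKED_DOMAINS = {".blocked.example"}   # leading dot: the domain and all subdomains
BLOCKED_IPS = {"192.0.2.10"}             # the one address known when the firewall rule was written
ROTATING_ANSWERS = ["192.0.2.10", "192.0.2.11", "198.51.100.7"]  # round-robin / CDN answers

def parse_connect(request_line):
    """Return (host, port) from 'CONNECT host:port HTTP/1.x', or None if malformed."""
    parts = request_line.strip().split()
    if len(parts) != 3 or parts[0].upper() != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    host, sep, port = parts[1].rpartition(":")
    if not sep or not host or not port.isdigit():
        return None
    # Normalise case and a trailing root dot so "WWW.Blocked.Example." still matches.
    return host.lower().rstrip("."), int(port)

def domain_blocked(host, blocked=BLOCKED_DOMAINS):
    """Suffix match on label boundaries, so 'notblocked.example' is not caught."""
    for entry in blocked:
        bare = entry.lstrip(".")
        if host == bare or (entry.startswith(".") and host.endswith("." + bare)):
            return True
    return False

def proxy_decision(request_line):
    """Hostname-based rule, as a web proxy would apply it to a CONNECT request."""
    parsed = parse_connect(request_line)
    if parsed is None:
        return "deny"                    # fail closed on anything that is not a clean CONNECT
    host, port = parsed
    if port != 443:
        return "deny"                    # only tunnel to the HTTPS port
    return "deny" if domain_blocked(host) else "allow"

def firewall_decision(dst_ip, dst_port):
    """Packet-level rule: block port 443 only for the listed destination addresses."""
    return "deny" if dst_port == 443 and dst_ip in BLOCKED_IPS else "allow"

def compare(host="www.blocked.example"):
    """Per DNS answer: (ip, firewall verdict, proxy verdict) for the same blocked site."""
    line = f"CONNECT {host}:443 HTTP/1.1"
    return [(ip, firewall_decision(ip, 443), proxy_decision(line)) for ip in ROTATING_ANSWERS]

if __name__ == "__main__":
    for row in compare():
        print(row)
```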