Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Blocking Google Talk

From: James <jimbob.coffey () gmail com>
Date: Tue, 27 Jun 2006 12:07:13 +1000
On 6/22/06, Oliver Humpage <oliver () watershed co uk> wrote:

On 21/6/06 6:48 pm, "Dale W. Carder" <dwcarder () doit wisc edu> wrote:


Do you really think you can get away with firewalls forever?  Are you
ready for the everything on port 443 internet?


Surely if you need things that locked down, you can install yourself as a CA
on desktops in the organisation, then do MITM SSL proxy filtering much as
you might do port 80 http proxy-filtering now.


Does anybody know of legal implications associated with this kind of
filtering ?  A lot of organisations now allow users to bank online via
the orgs internet infrastructure as it is benefical to both parties.

 If you are doing analysis on a mitm ssl stream you will potentially
collect every users banking credentials. Would you have to redirect
ssl connections to a web page that advises them of this ? I could see
that the banks would also like to be advised if you are planning to do
this and they more than likely will block access from organisations
partaking in this strategy.  Banks are just the primary example.




Oliver.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards




-- 
James
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: