Snort mailing list archives

Re: Log HTTP(S) URLs


From: "Paul Melson" <pmelson () gmail com>
Date: Mon, 19 Mar 2007 11:22:08 -0400

A search for terminating proxy brought up the fact that since version 2.5
Squid is capable of proxying transparent https connections.

http://wiki.squid-cache.org/SquidFaq/CompleteFaq#head-593dae4b6b740816917a6cc2ce5854d3d43624ee

Using Squid's --enable-ssl switch does not act as a transparent proxy via
NAT port redirection*, and will cause browser warnings for every browser I
can think of.  Squid's certificate will fail to match the intended
destination domain and/or CA certificate, forcing your users to click "Yes"
a bunch of times in order to use the web.  Seriously, you'd be better off
blocking SSL altogether.

Using Squid's support for the CONNECT method is neither transparent, nor
does it terminate SSL.  It will not tell you what URL the browser visits,
only the destination IP address and port.

* Making Squid into a transparent proxy (or making any transparent proxy)
requires that you put a NAT device in your network path that redirects
traffic to the proxy.  It's not a trivial change to your border
architecture.

PaulM
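
Added example, not part of the original post: a small parser showing what a forwarding proxy's log holds for plain HTTP requests versus CONNECT tunnels, which is the visibility gap the message describes. The log lines are constructed samples in Squid's native access.log layout, and all addresses and hostnames are placeholders.

```python
# Added example: classify Squid native access.log entries by URL visibility.
from urllib.parse import urlsplit

# Constructed sample lines (not real traffic). Native layout:
# time elapsed client code/status bytes method URL ident hierarchy/peer type
SAMPLE_LOG = """\
1174317728.101    212 10.0.0.15 TCP_MISS/200 5120 GET http://www.example.com/news/index.html?id=7 - DIRECT/192.0.2.10 text/html
1174317729.440  30125 10.0.0.15 TCP_MISS/200 48211 CONNECT 198.51.100.20:443 - DIRECT/198.51.100.20 -
1174317730.002     95 10.0.0.22 TCP_HIT/200 1840 GET http://www.example.org/logo.png - NONE/- image/png
1174317731.870  12044 10.0.0.22 TCP_MISS/200 9033 CONNECT 203.0.113.5:8443 - DIRECT/203.0.113.5 -
"""

def parse_line(line):
    """Return a dict describing what the proxy could see for one request."""
    fields = line.split()
    if len(fields) < 10:
        raise ValueError("not a native-format access.log line: %r" % line)
    client, method, target = fields[2], fields[5], fields[6]
    if method == "CONNECT":
        # Tunnel request: the target is only host:port and the payload is
        # opaque TLS, so there is no path or query string to record.
        host, _, port = target.rpartition(":")
        return {"client": client, "method": method, "host": host,
                "port": int(port), "path": None, "url_visible": False}
    parts = urlsplit(target)
    path = parts.path + ("?" + parts.query if parts.query else "")
    return {"client": client, "method": method, "host": parts.hostname,
            "port": parts.port or 80, "path": path, "url_visible": True}

def summarize(log_text):
    """Split entries into those with a full URL and opaque tunnels."""
    entries = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    visible = [e for e in entries if e["url_visible"]]
    tunnels = [e for e in entries if not e["url_visible"]]
    return visible, tunnels

if __name__ == "__main__":
    visible, tunnels = summarize(SAMPLE_LOG)
    for e in visible:
        print("URL logged   %s -> %s%s" % (e["client"], e["host"], e["path"]))
    for e in tunnels:
        print("tunnel only  %s -> %s:%d (no path)" % (e["client"], e["host"], e["port"]))
```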

