[ previous ] [ next ] [ threads ]
 
 From:  SDamron <sdamron at gmail dot com>
 To:  "Don Munyak" <don dot munyak at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] dansguardian squid transparent proxy rdr
 Date:  Wed, 27 Dec 2006 12:17:09 -0600
You would need to use a list to block that type of thing.  That is one
of the major reasons that companies make money from selling content
filtering solutions, they spend A LOT of TIME compiling the lists for
blocking, say, All web based email, etc.  If you wanted to block say
something like GMail, you would just block *.gmail.com, or
*.gmail.google.com, or some such thing.

On 12/27/06, Don Munyak <don dot munyak at gmail dot com> wrote:
> ---------- Forwarded message ----------
> From: Lee Sharp <leesharp at hal dash pc dot org>
> Date: Dec 27, 2006 12:13 PM
> Subject: Re: [m0n0wall] dansguardian squid transparent proxy rdr
> To: m0n0wall at lists dot m0n0 dot ch
>
>
> From: "Don Munyak" <don dot munyak at gmail dot com>
>
> > I have implemented a transparent proxy solution which is working
> > flawlessly for http(80).
> > I am hoping someone will help me or direct me to a solution for http(443).
>
> My understanding is that the entire point of SSL is to prevent exactly what
> you are trying to do.  It is secure communication between the ssl server and
> the client.
>                                 Lee
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
> Lee, I can't disagreed with your point. I am still pretty new to the
> whole content filtering with squid thing.
>
> Granted, SSL is typically used for ecommerce and for the endusers
> protection. However, the scenario's I was addressing are for example:
>
> -the employee trying to access their bank account during work hours.
> -the employee trying to access a web based external email account via https.
> the potential for an employee requesting a page via https, like ebay,
> and which has the 'ebayobjects' bots for tracking useage.
>
> Now I have no real issue with accessing a bank account. It was the
> only example I could think of quickly. These are just thoughts in my
> head..you know, the 'hmmm'  or what-if stuff. I suppose I could be
> making a simple solution too complex.
>
> Regards
>
> ~Don
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>


-- 
-------------------------------
A fight to the death between zombies has a few inherent problems.