Network Security: Detailed info on [CISSP-D] Proxy Servers and SSL

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security CISSP-Discussion

[Top] [All Lists]

[CISSP-D] Proxy Servers and SSL

from [PLDT FOA-Armando Bonifacio] Network Security

[Permanent Link]

Subject:	[CISSP-D] Proxy Servers and SSL
Date:	Wed, 27 Oct 2004 04:13:00 +0800

I recently went through a phone interview for a company and they asked me a 
question regarding deafeating proxy servers.
 
Of course my initial answers were using public proxy servers that mask the 
actual URL if the proxy servers use URL based filtering, or type in the IP 
address of the website instead of the domain. There are a lot of public proxy 
servers that do URL masking anyway, such as usproxy.net.
 
Then came the idea of SSL. 
 
Let's say the proxy server has a filter turned on for domain.com
 
If the user, uses https://domain.com, won't the proxy server still be able to 
block this?
 
My interviewer said that it won't. But i was the under the impression that it 
should.
 
The assumption is that the proxy server can proxy both 80 and 443 requests.
 
Looking forward to an enlightenment from the group.
 
Anton

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[CISSP-D] Proxy Servers and SSL, PLDT FOA-Armando Bonifacio <= Re: [CISSP-D] Proxy Servers and SSL, Glenn Phillips Re: [CISSP-D] Proxy Servers and SSL, Glenn Phillips

Previous by Date:	[CISSP-D] Re: Cryptography - Hybrid Approach, Jeff
Next by Date:	Re: [CISSP-D] Proxy Servers and SSL, Glenn Phillips
Previous by Thread:	[CISSP-D] Cryptography - Hybrid Approach, subbarau_2004
Next by Thread:	Re: [CISSP-D] Proxy Servers and SSL, Glenn Phillips
Indexes:	[Date] [Thread] [Top] [All Lists]