WebApp Sec mailing list archives
Re: Security tool for monitoring HTTPS traffic?
From: Ivan Ristic <ivanr () webkreator com>
Date: Wed, 25 Feb 2004 10:57:54 +0000
Are there products that can look inside HTTPS traffic?
Most of the products mentioned can "look" inside the HTTPS traffic but they are meant to be used by individuals, as part of assessment. They are not actually looking into this traffic, rather they are standing in between the client and the server and only the traffic between them and the server is encrypted. The rest isn't.
Some customers don't trust HTTPS traffic going inside the company over the proxy! For example, I have heard that a combination of squid and apache configuration can do this, but I have never seen it.
It sounds like you need to terminate your traffic on a different server and then forward unencrypted traffic to the actual server, at the same time listening to the unencrypted traffic (using Snort, for example). With Apache, this is a matter of setting up an SSL server which will not serve content itself but forward all requests to another server using mod_proxy (in a reverse proxy setup).

You will find these links useful as they discuss this in more detail:

http://www.sans.org/rr/papers/35/249.pdf
http://hillside.net/europlop/europlop2003/papers/WorkshopC/C6_SommerladP.pdf

-- 
ModSecurity (http://www.modsecurity.org)
[ Open source IDS for Web applications ]
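
Added example, not part of the original message and not configuration supplied by its author: a minimal Apache virtual host for the SSL-terminating reverse proxy setup described above. The hostname, certificate paths and backend address (192.0.2.10) are placeholders, and mod_ssl, mod_proxy and mod_proxy_http are assumed to be loaded.

```apache
# Constructed example. Hostname, certificate paths and the backend
# address are placeholders; substitute your own values.
# Assumes mod_ssl, mod_proxy and mod_proxy_http are loaded.

# Omit this line if port 443 is already declared elsewhere in the config.
Listen 443

<VirtualHost *:443>
    ServerName www.example.com

    # TLS ends on this host. The client's encrypted session goes no further.
    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/www.example.com.crt
    SSLCertificateKeyFile /etc/apache2/ssl/www.example.com.key

    # Reverse proxy only: do not act as a forward (open) proxy.
    ProxyRequests Off

    # Pass the original Host header so the backend and the sensor
    # both see the name the client actually requested.
    ProxyPreserveHost On

    # This server serves no content itself. Every request is forwarded
    # in cleartext to the actual server, which is the hop an IDS sensor
    # such as Snort can inspect.
    ProxyPass        / http://192.0.2.10:80/
    ProxyPassReverse / http://192.0.2.10:80/
</VirtualHost>
```

The hop between the proxy and 192.0.2.10 carries every request and response unencrypted, so it belongs on a dedicated segment that only the proxy, the backend and the sensor can reach. The backend should accept connections from the proxy's address only, so that the inspected path cannot be bypassed.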