RE: Security tool for monitoring HTTPS traffic?

["Glyn" <glyng () moiler com>]

> > > > Are they products they can look inside HTTPS traffic? Some 
> > > > customers doesn't trust HTTPS traffic going inside the company 
> > > > over the proxy!
> > >
> > > There is no way to look at the plain text content inside
> > the https traffic
> > > - that would defeat the whole purpose of https.
> >
> > 4 words: Man in the middle.
> >
> > It's perfectly possable to intercept the inital exchange, 
> and present 
> > the apperence of HTTPS, while evesdropping on the plain text.
>
> Yes, you can do a man in the middle attack - I was thinking 
> about passive interception, which is what I thought was being 
> asked about (a product to look into any arbitrary https 
> stream going through a proxy).

Its not clear exactly what we're trying to achieve here.

If you are the provider of the HTTPS server then you presumably have access
to the server SSL keys.  There are IDS products(1) that will use the keys
and to monitor the content of HTTPS traffic as they would clear-text
communications.  You could use those to monitor/log/manage all requests

Glyn.

(1) Unforutunately I can't remember which product I've seen that does this.
Hopefully it'll job someone's memory on the list.