[squid-users] Squid log details - HTTPS tunnel detection

From: Markus Moeller <huaraz@dont-contact.us>
Date: Wed, 23 May 2007 17:46:18 +0100

Is it possible to log the bytes in and out of a connection made with the
CONNECT method. ? I am looking at identifying users misusing the SSL
connection as a "remote access" solution and was wondering if byte in/byte
out ratios could be used to identify the misuse without decrypting the
session.

Are there other known ways besides IP-address/hostname blacklisting to
identify HTTPS tunnels ?

Thank you
Markus
Received on Wed May 23 2007 - 10:47:27 MDT

This archive was generated by hypermail pre-2.1.9 : Fri Jun 01 2007 - 12:00:05 MDT