[squid-users] squid + icap for recording ssl data for forensic analysis.

From: Roberto Martelloni <r.martelloni2003_at_libero.it>
Date: Fri, 20 Aug 2010 12:35:30 +0200

Hi to all,

i have readed that in the roadmap of squid 3.3 will be available dynamic
ssl cert hijacking.

I'm interested in this functionality plus icap module to record all ssl
session for network forensic analysis, post incident.

Do you think is possible to use squid + sslbump + icap/ecap to write
down in an structured way all the ssl data forwarded by the proxy ?

anyone have any suggestion or experience in this kind of utilization, or
icap/ecap functionality cant be used for this purpose ? is it out of the
scope ?

great thanks in advance.

R.
Received on Fri Aug 20 2010 - 10:35:38 MDT

This archive was generated by hypermail 2.2.0 : Fri Aug 20 2010 - 12:00:03 MDT