LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 01-19-2012, 03:51 AM   #1
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 106

Rep: Reputation: Disabled
No https sites logs in transparent proxy


Hi...All,
I have configured trasparent proxy server and it is working fine. But the proxy server is not getting any logs about https sites. But if the client system is configured with browser settings then we can see the https sites logs.

So could anybody please help what can be done to get https sites logs while the client's PCs browser is configured without any settings(i.e while using trasparent proxy)

Last edited by mandyapenguin; 01-19-2012 at 12:04 PM.
 
Old 01-19-2012, 05:12 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,415

Rep: Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968Reputation: 1968
what are you doing to proxy them? Transparent proxying is horible, I would realluy try to avoid it if at all possible. You will especially struggle to proxy https though, as unless you KNOW you are using a proxy you will not send a CONNECT request in the first place, so your proxy would need to perform a man-in-the-middle attack - intercept the connection, pretend to be the end site and spoof the remote sites SSL certificates. Again, I would *really* suggest trying hard to ditch ideas of using transparent proxying. You could use, for example, a centralized proxy.pac to allow a good level of centralized configuration, but transparency really is not as good as you probably think it is.

Fundamentally though, I would guess the reason the proxy simply reports nothing is that you're not redirecting port 443, only port 80. redirecting this will then let you have a whole world of extra problems if you persue this line of attack.

Also note - are you allowed to proxy https connnections? What do you think employees will do, presuming this is a place of work etc.., when they find out you have been breaking into their online banking sessions or such like? You could well be on the receiving end of legal action...

Last edited by acid_kewpie; 01-19-2012 at 05:14 AM.
 
1 members found this post helpful.
Old 01-19-2012, 05:13 AM   #3
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,975

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Hi,

This is because usually in transparent mode, https traffic is not going through the proxy. See here for some sort of explanation
If you want to use transparent proxy for https, take a look at this.

Regards
 
1 members found this post helpful.
Old 01-19-2012, 12:23 PM   #4
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 106

Original Poster
Rep: Reputation: Disabled
Thank you acid_kewpie,
Thank you very much for your kind advice,
I really don't know these and all. When I was trying to find out my systems logs, I was not getting the logs about https sites even gmail, facebook, orkut. Then I configured browser settings in my system, thought of any other https sites and searched from google for https sites and found about the logs. But after seeing these and all, I don't want to proxy any https sites and also never tries to open any unknown https sites.
Sir once again thanks for your kind suggestion.

Last edited by mandyapenguin; 01-19-2012 at 12:46 PM.
 
1 members found this post helpful.
Old 01-19-2012, 12:35 PM   #5
mandyapenguin
Member
 
Registered: Nov 2011
Location: India
Distribution: RedHat, Cent OS, Fedora, Debian, Ubuntu
Posts: 106

Original Poster
Rep: Reputation: Disabled
Hi.. bathory,
Thanks a lot for providing more information with this links.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
transparent proxy squid: problem with the HTTPS pnguwe Linux - Networking 7 11-22-2011 09:00 AM
Transparent proxy for LAN works, except HTTPS Ulysses_ Linux - Security 1 06-17-2011 11:22 PM
linux Proxy server and https sites blocking Ammad Linux - Server 1 08-19-2009 11:26 PM
https in transparent proxy DeepY0X Linux - Networking 14 03-09-2009 02:49 PM
some ftp sites not opan in squid transparent proxy adpkumar Linux - Server 1 02-21-2009 09:26 AM


All times are GMT -5. The time now is 07:13 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration