Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi...All,
I have configured trasparent proxy server and it is working fine. But the proxy server is not getting any logs about https sites. But if the client system is configured with browser settings then we can see the https sites logs.
So could anybody please help what can be done to get https sites logs while the client's PCs browser is configured without any settings(i.e while using trasparent proxy)
Last edited by mandyapenguin; 01-19-2012 at 11:04 AM.
what are you doing to proxy them? Transparent proxying is horible, I would realluy try to avoid it if at all possible. You will especially struggle to proxy https though, as unless you KNOW you are using a proxy you will not send a CONNECT request in the first place, so your proxy would need to perform a man-in-the-middle attack - intercept the connection, pretend to be the end site and spoof the remote sites SSL certificates. Again, I would *really* suggest trying hard to ditch ideas of using transparent proxying. You could use, for example, a centralized proxy.pac to allow a good level of centralized configuration, but transparency really is not as good as you probably think it is.
Fundamentally though, I would guess the reason the proxy simply reports nothing is that you're not redirecting port 443, only port 80. redirecting this will then let you have a whole world of extra problems if you persue this line of attack.
Also note - are you allowed to proxy https connnections? What do you think employees will do, presuming this is a place of work etc.., when they find out you have been breaking into their online banking sessions or such like? You could well be on the receiving end of legal action...
Last edited by acid_kewpie; 01-19-2012 at 04:14 AM.
This is because usually in transparent mode, https traffic is not going through the proxy. See here for some sort of explanation
If you want to use transparent proxy for https, take a look at this.
Thank you acid_kewpie,
Thank you very much for your kind advice,
I really don't know these and all. When I was trying to find out my systems logs, I was not getting the logs about https sites even gmail, facebook, orkut. Then I configured browser settings in my system, thought of any other https sites and searched from google for https sites and found about the logs. But after seeing these and all, I don't want to proxy any https sites and also never tries to open any unknown https sites.
Sir once again thanks for your kind suggestion.
Last edited by mandyapenguin; 01-19-2012 at 11:46 AM.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
