'Preventing' HTTP Tunneling (cont)

HTTPS uses SSL for encryption

Proxy must connect client to server, cannot inspect data

    $ nc proxy 3128
    CONNECT home.my_server.net:443 HTTP/1.0
    Proxy-authorization: Basic cmVlZ2VuOnR3aW5z
    User-Agent: Mozilla/3.01Gold (X11; I; HP-UX A.09.05 9000/770)

    HTTP/1.0 200 Connection established

    SSH-1.99-OpenSSH_3.7.1p2

Solution?

Block the CONNECT method.

Create angry employees.
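A less drastic check than blocking CONNECT outright, shown as an added example that is not part of the original slides: a proxy can restrict CONNECT to expected ports and look at the first bytes that cross the tunnel, since the SSH banner in the session above travels in the clear. The function names and the port policy are assumptions made for illustration.

```python
import re

# Assumed policy for this example: only port 443 may be reached via CONNECT.
ALLOWED_CONNECT_PORTS = {443}

CONNECT_RE = re.compile(rb"^CONNECT\s+([^\s:]+):(\d{1,5})\s+HTTP/1\.[01]\r?\n")

def parse_connect(request: bytes):
    """Return (host, port) from a CONNECT request line, or None."""
    m = CONNECT_RE.match(request)
    if not m:
        return None
    return m.group(1).decode("ascii", "replace"), int(m.group(2))

def classify_first_bytes(data: bytes) -> str:
    """Guess the protocol from the first bytes seen in either direction."""
    if data.startswith(b"SSH-"):
        return "ssh"            # SSH identification string, e.g. SSH-1.99-...
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"            # SSLv3/TLS handshake record header
    if len(data) >= 3 and data[0] & 0x80 and data[2] == 0x01:
        return "sslv2-hello"    # SSLv2-format ClientHello
    return "unknown"

def verdict(request: bytes, first_tunnel_bytes: bytes) -> str:
    """Combine the port policy with the first-bytes check."""
    target = parse_connect(request)
    if target is None:
        return "deny: not a CONNECT request"
    host, port = target
    if port not in ALLOWED_CONNECT_PORTS:
        return f"deny: port {port} not allowed"
    proto = classify_first_bytes(first_tunnel_bytes)
    if proto in ("tls", "sslv2-hello"):
        return "allow"
    return f"alert: {proto} inside CONNECT to {host}:{port}"

# Request and banner as they appear in the slide's session.
SLIDE_REQUEST = b"CONNECT home.my_server.net:443 HTTP/1.0\r\n\r\n"
SLIDE_BANNER = b"SSH-1.99-OpenSSH_3.7.1p2\r\n"
# Constructed sample: the first bytes of a TLS ClientHello record.
SAMPLE_TLS = bytes([0x16, 0x03, 0x01, 0x00, 0x2F, 0x01])

if __name__ == "__main__":
    print(verdict(SLIDE_REQUEST, SLIDE_BANNER))
    print(verdict(SLIDE_REQUEST, SAMPLE_TLS))
```

This check only recognises protocols that run unencrypted inside the tunnel; once a genuine SSL session is established, the slide's point stands and the proxy cannot inspect the data.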
Copyright 2003, Bri Hatch of Onsight, Inc.
Presented at SecureWorld Expo, 2003.
Presentation created using vim and MagicPoint.