yah, tapikan skrang banyak yang pake HTTPS. kalo masalah password bisa dilihat , kayaknya nggak deh, soalnya disini jarang ada advance usersipelaut wrote:tidak bisa... keknya
https tidak bisa dicache sama squid
klo bisa dicache username sama password pesbuk bisa diliat dongg
gimana kang cara aktifinnya, bisa di sebutkan langkah"nya? masih newbie nih.yudiarbi wrote:SSL port di aktifin di squid
Web filtering proxies are not able to peer inside secure sockets HTTP transactions, assuming the chain-of-trust of SSL/TLS has not been tampered with. As a result, users wanting to bypass web filtering will typically search the internet for an open and anonymous HTTPS transparent proxy. They will then program their browser to proxy all requests through the web filter to this anonymous proxy. Those requests will be encrypted with https. The web filter cannot distinguish these transactions from, say, a legitimate access to a financial website. Thus, content filters are only effective against unsophisticated users.
As mentioned above, the SSL/TLS chain-of-trust does rely on trusted root certificate authorities; in a workplace setting where the client is managed by the organization, trust might be granted to a root certificate whose private key is known to the proxy. Concretely, a root certificate generated by the proxy is installed into the browser CA list by IT staff. In such scenarios, proxy analysis of the contents of a SSL/TLS transaction becomes possible. The proxy is effectively operating a man-in-the-middle attack, allowed by the client's trust of a root certificate the proxy owns.
Reason: code as quote
Users browsing this forum: No registered users and 65 guests