[squid-users] Analyzing encrypted traffic

Michael Varun michael.varun at inmobi.com
Mon Oct 3 03:34:54 UTC 2016


squid will not be able to intercept encrypted traffic it just does a
passover using CONNECT to the origin server . You can explore the feature
SSL_BUMP which will basically help in intercepting encrypted traffic. You
will need to generate certificates and mimick the clients There are some
dependency on HTML HEADERS as well like AUTHORIZATION ,CACHE CONTROL and so
on. I am currently in same situation as you. I was able to perform GET
calls towards origin server ,But i am getting cache miss most of the time
and in process of investigating



On Mon, Oct 3, 2016 at 6:57 AM, Saeedeh Ghoreishi <
ghoreishi.saeedeh at gmail.com> wrote:

> Hello
>
> I'm student in Concordia university in Montreal, Canada. I'm working on a
> project which is defining a web proxy server to intercepting the encrypted
> traffic of clients. I've used squid 3.5.21 as my transparent proxy server.
> My professor told me that the new version of squid (3.5.21) has the option
> which I can use it to intercept the encrypted data from client to the
> server in the cloud and conversely. I can not find anything special in
> squid 3.5.21 about this analyzing. Could you please inform me?
>
> Regards
> Saeedeh
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
>
>

-- 
_____________________________________________________________
The information contained in this communication is intended solely for the 
use of the individual or entity to whom it is addressed and others 
authorized to receive it. It may contain confidential or legally privileged 
information. If you are not the intended recipient you are hereby notified 
that any disclosure, copying, distribution or taking any action in reliance 
on the contents of this information is strictly prohibited and may be 
unlawful. If you have received this communication in error, please notify 
us immediately by responding to this email and then delete it from your 
system. The firm is neither liable for the proper and complete transmission 
of the information contained in this communication nor for any delay in its 
receipt.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161003/7e5a2c2f/attachment.html>


More information about the squid-users mailing list