<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#464646" bgcolor="#FFFFFF">
<br>
Hi Eliezer:<br>
<br>
<a class="moz-txt-link-freetext" href="http://articatech.net/tmpf/categories/banking.gz">http://articatech.net/tmpf/categories/banking.gz</a><br>
<a class="moz-txt-link-freetext" href="http://articatech.net/tmpf/categories/cleaning.gz">http://articatech.net/tmpf/categories/cleaning.gz</a><br>
<br>
<br>
<br>
<div class="moz-cite-prefix">Le 04/01/2021 à 10:27,
<a class="moz-txt-link-abbreviated" href="mailto:ngtech1ltd@gmail.com">ngtech1ltd@gmail.com</a> a écrit :<br>
</div>
<blockquote type="cite"
cite="mid:002001d6e27b$e03ae820$a0b0b860$@gmail.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style>@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:#464646;}a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:#464646;}span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Consolas",serif;
color:#464646;}span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}div.WordSection1
{page:WordSection1;}ol
{margin-bottom:0in;}ul
{margin-bottom:0in;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:windowtext">Hey David.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Indeed it
should be done with the local websites however, These sites
are pretty static.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Would it be
OK to publish theses lists online as a file/files?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">The main
issue is that ssl-bump requires couple “fast” acls.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">I believe it
should be a “fast” acl but we also need the option to use an
external helper like for many other function.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">If I can
choose between “fast” as default and the ability to run a
“slow” external acl helper I can<br>
choose what is right for/in my environment.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Currently I
cannot program a helper that will decide if a CONNECT
connection should be spliced or bumped programmatically.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">It forces me
to reload this list manually which might take couple
seconds.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Eliezer<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span style="color:windowtext">----<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Eliezer
Croitoru<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Tech
Support<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Mobile:
+972-5-28704261<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Email: <a
href="mailto:ngtech1ltd@gmail.com"
moz-do-not-send="true">ngtech1ltd@gmail.com</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext">Zoom:
Coming soon<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span style="color:windowtext"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:windowtext">From:</span></b><span
style="color:windowtext"> squid-users
<a class="moz-txt-link-rfc2396E" href="mailto:squid-users-bounces@lists.squid-cache.org"><squid-users-bounces@lists.squid-cache.org></a> <b>On
Behalf Of </b>David Touzeau<br>
<b>Sent:</b> Monday, January 4, 2021 10:23 AM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:squid-users@lists.squid-cache.org">squid-users@lists.squid-cache.org</a><br>
<b>Subject:</b> Re: [squid-users] PCI Certification
compliance lists<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi Eiezer, <br>
<br>
I can help you by giving a list but <br>
<br>
Just by using "main domains": <o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">Banking/transcations : 27 646 websites.<o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l0
level1 lfo1">AV sofwtare and updates sites (fw, routers...)
: 133 295 websites<o:p></o:p></li>
</ul>
<p class="MsoNormal" style="margin-bottom:12.0pt"><br>
I can give it to you the lists , they are incomplete and it
should decrease squid performance by loading huge databases.<br>
Perhaps it is better for the Squid administrator to fill it's
own list according it's country or company activity.<br>
<br>
<br>
<br>
<o:p></o:p></p>
<div>
<p class="MsoNormal">Le 03/01/2021 à 15:12, <a
href="mailto:ngtech1ltd@gmail.com" moz-do-not-send="true">ngtech1ltd@gmail.com</a>
a écrit :<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<pre>I am looking for domains lists that can be used for squid to be PCI<o:p></o:p></pre>
<pre>Certified.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>I have read this article:<o:p></o:p></pre>
<pre><a href="https://www.imperva.com/learn/data-security/pci-dss-certification/" moz-do-not-send="true">https://www.imperva.com/learn/data-security/pci-dss-certification/</a><o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>And couple others to try and understand what might a Squid proxy ssl-bump<o:p></o:p></pre>
<pre>exception rules should contain.<o:p></o:p></pre>
<pre>So technically we need:<o:p></o:p></pre>
<pre>- Banks<o:p></o:p></pre>
<pre>- Health care<o:p></o:p></pre>
<pre>- Credit Cards(Visa, Mastercard, others)<o:p></o:p></pre>
<pre>- Payments sites<o:p></o:p></pre>
<pre>- Antivirus(updates and portals)<o:p></o:p></pre>
<pre>- OS and software Updates signatures(ASC, MD5, SHAx etc..)<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>* <a href="https://support.kaspersky.com/common/start/6105" moz-do-not-send="true">https://support.kaspersky.com/common/start/6105</a><o:p></o:p></pre>
<pre>*<o:p></o:p></pre>
<pre><a href="https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-e" moz-do-not-send="true">https://support.eset.com/en/kb332-ports-and-addresses-required-to-use-your-e</a><o:p></o:p></pre>
<pre>set-product-with-a-third-party-firewall<o:p></o:p></pre>
<pre>*<o:p></o:p></pre>
<pre><a href="https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s" moz-do-not-send="true">https://service.mcafee.com/webcenter/portal/oracle/webcenter/page/scopedMD/s</a><o:p></o:p></pre>
<pre>55728c97_466d_4ddb_952d_05484ea932c6/Page29.jspx?wc.contextURL=%2Fspaces%2Fc<o:p></o:p></pre>
<pre>p&articleId=TS100291&_afrLoop=641093247174514&leftWidth=0%25&showFooter=fals<o:p></o:p></pre>
<pre>e&showHeader=false&rightWidth=0%25¢erWidth=100%25#!%40%40%3FshowFooter%3<o:p></o:p></pre>
<pre>Dfalse%26_afrLoop%3D641093247174514%26articleId%3DTS100291%26leftWidth%3D0%2<o:p></o:p></pre>
<pre>525%26showHeader%3Dfalse%26wc.contextURL%3D%252Fspaces%252Fcp%26rightWidth%3<o:p></o:p></pre>
<pre>D0%2525%26centerWidth%3D100%2525%26_adf.ctrl-state%3D3wmxkd4vc_9<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre><o:p> </o:p></pre>
<pre>If someone has the documents which instructs what domains to not inspect it<o:p></o:p></pre>
<pre>would also help a lot.<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>Thanks,<o:p></o:p></pre>
<pre>Eliezer<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>----<o:p></o:p></pre>
<pre>Eliezer Croitoru<o:p></o:p></pre>
<pre>Tech Support<o:p></o:p></pre>
<pre>Mobile: +972-5-28704261<o:p></o:p></pre>
<pre>Email: <a href="mailto:ngtech1ltd@gmail.com" moz-do-not-send="true">ngtech1ltd@gmail.com</a><o:p></o:p></pre>
<pre>Zoom: Coming soon<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre><o:p> </o:p></pre>
<pre><o:p> </o:p></pre>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>squid-users mailing list<o:p></o:p></pre>
<pre><a href="mailto:squid-users@lists.squid-cache.org" moz-do-not-send="true">squid-users@lists.squid-cache.org</a><o:p></o:p></pre>
<pre><a href="http://lists.squid-cache.org/listinfo/squid-users" moz-do-not-send="true">http://lists.squid-cache.org/listinfo/squid-users</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</blockquote>
<br>
</body>
</html>