|
|
Hi,
Sorry if this is off-topic..any pointers will be appreciated.
Is it possible to look inside an outgoing client-proxy request headers
and
tell whether it's proxy related packet used under the following proxy
scenarios. The goal is to (a) identify wether the outgoing traffic is
proxy and if possible, look inside the header and filter traffic based
on its contents (keyword lookup).
a. users (user-agent) talking to non-SSL HTTP proxies
b. users (user-agent) talking to SLL HTTP proxy (encrypted)
Since the traffic is being redirected via the content filter
(open-source), I could possibly (extremly last option) enable proxy
server on the filter that would support SSL tunneling CONNECT extension
method and identify/filter traffic via HTTP CONNECT.
I'm not sure what I can get out of SSL proxing packets since it creates
a secure connection (encrypted session) between client and server.
What are my options here in order to decode client-proxy request
headers?
Any insight will be appreciated.
regards,
/vic
|
|