My bad ..
Good point unless its intercepting the ssl stream. there are ways of doing it http://wiki.squid-cache.org/Features/SslBump but its dodgy ..
On Wed, Aug 15, 2012 at 12:28 PM, John R Pierce pierce@hogranch.com wrote:
On 08/14/12 5:18 PM, Gregory Machin wrote:
Once is lands at the browser it's no longer ssl . It can then be blocked from running , or block the infect file from being written to the file system. As is done on windows.
SSL effectively creates a pipe that one cant see into , but the ends are open and data is visible .
how does the 'astaro security gateway' William Warren mentioned do that? my query was in direct response to the three lines I quoted from William. he was referring to an appliance gateway at the network border.
-- john r pierce N 37, W 122 santa cruz ca mid-left coast
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos