[DeleGate-En] Re: Filter and scan https traffic
In message <_A3558@delegate-en.ML_> on 10/23/06(21:09:05)
you Andreas Moroder <firstname.lastname@example.org> wrote:
|PC -> port 3128 -> trendmicro ( on server ) -> port 3130 -> squid ( on
|same server) -> firewall -> world.
|Now I would like to filter https traffic and more important, to scan for
|viruses the https traffic.
|Is it possible to put DeleGate between PC and squid an let it decrypt
|the https and pass files downloaded via https to trendmicro for scanning
| ? Trendmicro can be used as normal command line file scanner, not only
|as as scnanner on a IP port.
I think it should be possible with the feather of DeleGate named
MITM + CFI. <URL:http://www.delegate.org/delegate/mitm/>
The configuration of DeleGate for it will be like this:
delegated -P8080 SERVER=http PROXY=localhost:3130 STLS=mitm FTOCL=av.cfi
[the content of the file av.cfi]
9 9 Yutaka Sato <email@example.com> http://delegate.org/y.sato/
( ~ ) National Institute of Advanced Industrial Science and Technology
_< >_ 1-1-4 Umezono, Tsukuba, Ibaraki, 305-8568 Japan
Do the more with the less -- B. Fuller