SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2020-01-18 18:07 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0001169 | Endian Firewall | Proxy HTTP | public | 2008-07-28 09:07 | 2011-05-26 12:27 | ||||||
| Reporter | mormogeacl | ||||||||||
| Assigned To | |||||||||||
| Priority | normal | Severity | feature | Reproducibility | N/A | ||||||
| Status | acknowledged | Resolution | open | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.2-rc2 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0001169: Web proxy antivirus not work on SSL https protocol | ||||||||||
| Description | Web proxy antivirus not work on SSL https protocol | ||||||||||
| Additional Information | Web proxy antivirus not work on SSL https protocol http://www.eicar.org/anti_virus_test_file.htm [^] | ||||||||||
| Tags | No tags attached. | ||||||||||
| Attached Files | |||||||||||
 Relationships |
||||||||||||||||||||||||||
|
||||||||||||||||||||||||||
 Relationships |
|
Notes |
|
|
(0001588) peter-endian (administrator) 2008-09-09 13:47 |
The matter of an encrypted channel (SSL) is that *nobody* can read or scan its contents. This includes also a web proxy. We don't intercept ssl connections yet. Maybe this will come in the future |
|
(0006163) datapharmer (reporter) 2011-04-29 16:44 |
I would love to see this implemented. It is a reality that it would be simple to bypass all firewall virus scanning and filtering simply by linking to a site that starts with https... Sonic wall implements this by intercepting and then issuing a replacement certificate, which could be installed to clients via network policy. See sonic wall kb article for details: http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=8365 [^] |
|
(0006501) datapharmer (reporter) 2011-05-26 12:27 |
This may be a good solution for a future version of endian: http://wiki.squid-cache.org/Features/SslBump [^] |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2008-07-28 09:07 | mormogeacl | New Issue | |
| 2008-07-28 09:07 | mormogeacl | Status | new => assigned |
| 2008-07-28 09:07 | mormogeacl | Assigned To | => simon-endian |
| 2008-09-09 13:47 | peter-endian | Note Added: 0001588 | |
| 2008-09-09 13:47 | peter-endian | Assigned To | simon-endian => |
| 2008-09-09 13:48 | peter-endian | Severity | minor => feature |
| 2008-09-09 13:48 | peter-endian | Reproducibility | have not tried => N/A |
| 2008-09-09 13:53 | peter-endian | Status | assigned => acknowledged |
| 2009-10-21 16:38 | peter-endian | Relationship added | has duplicate 0002284 |
| 2009-10-21 16:40 | peter-endian | Relationship added | duplicate of 0000749 |
| 2010-09-24 09:27 | peter-endian | Relationship added | parent of 0002488 |
| 2010-09-24 09:27 | peter-endian | Relationship added | parent of 0002591 |
| 2011-04-29 16:44 | datapharmer | Note Added: 0006163 | |
| 2011-05-26 12:27 | datapharmer | Note Added: 0006501 | |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |