SSL TLS HTTPS Web Server Certificate Fingerprints  

Public and Private keys form cryptographically matched pairs. It is not feasible to derive one from the other, yet what one encrypts only the matching other can decrypt. Website SSL security certificates provide the site’s Public cryptographic key which is the public side of the server’s secret Private cryptographic key which is never publicly disclosed. Only the certificate’s public key can be used to encrypt data which the remote server can decrypt only using its matching private key. Since the SSL Proxy Appliance does not have the private key of the remote server—because only the remote server has it—the fake & fraudulent certificate the SSL Proxy provides to the user’s web browser is forced to use a different public key for which it does have a matching private key. And that means that no matter how hard any SSL-intercepting Proxy Appliance may try to spoof and fake any other server’s certificate, the certificate’s public key MUST BE DIFFERENT

via GRC | SSL TLS HTTPS Web Server Certificate Fingerprints  

The remote server’s REAL certificate and the SSL Appliance’s FAKED certificate MUST HAVE AND WILL HAVE radically different fingerprints. They will not be remotely similar.
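
The fingerprint comparison this argument relies on, as an added example (not code from GRC or from this page): it hashes the certificate's DER bytes and compares the result with a reference fingerprint obtained over a separate, trusted path. The two sample PEMs are constructed stand-ins rather than real certificates, and `fetch_pem`, `matches`, `normalize` and `differing_bits` are names chosen for this example.

```python
import hashlib
import hmac
import ssl


def fingerprint(pem: str, algo: str = "sha256") -> str:
    """Colon-separated hex digest of the certificate's DER bytes."""
    der = ssl.PEM_cert_to_DER_cert(pem)
    digest = hashlib.new(algo, der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def normalize(fp: str) -> str:
    """Accept 'AB:CD', 'ab cd' or 'abcd'; return bare uppercase hex."""
    bare = fp.replace(":", "").replace(" ", "").upper()
    if not bare or any(c not in "0123456789ABCDEF" for c in bare):
        raise ValueError("fingerprint must be hexadecimal")
    return bare


def matches(pem: str, reference_fp: str, algo: str = "sha256") -> bool:
    """True only if the presented certificate hashes to the reference."""
    return hmac.compare_digest(normalize(fingerprint(pem, algo)),
                               normalize(reference_fp))


def differing_bits(fp_a: str, fp_b: str) -> int:
    """Number of bit positions in which two same-length fingerprints differ."""
    a, b = bytes.fromhex(normalize(fp_a)), bytes.fromhex(normalize(fp_b))
    if len(a) != len(b):
        raise ValueError("fingerprints use different hash lengths")
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))


def fetch_pem(host: str, port: int = 443) -> str:
    """Certificate the network path presents for host (needs network)."""
    return ssl.get_server_certificate((host, port))


# Constructed stand-ins, NOT real X.509: identical bytes except the key field.
GENUINE_PEM = ssl.DER_cert_to_PEM_cert(b"CN=www.example.test;key=SERVER-PUBLIC-KEY")
PROXY_PEM = ssl.DER_cert_to_PEM_cert(b"CN=www.example.test;key=PROXY-PUBLIC-KEY!")

if __name__ == "__main__":
    reference = fingerprint(GENUINE_PEM)  # stands in for a value obtained out of band
    print("direct path :", matches(GENUINE_PEM, reference))
    print("via proxy   :", matches(PROXY_PEM, reference))
    print("bits changed:", differing_bits(reference, fingerprint(PROXY_PEM)), "of 256")
```

The reference fingerprint only means something if it was obtained outside the connection being checked; a value fetched through the same intercepted path is the proxy's own fingerprint.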

Google now proxies images sent to Gmail users

It’s simple for senders to do this. Embed in each message a viewable image—or if you’re feeling sneaky, a nearly invisible image—that contains a long, random-looking string in the URL that’s unique to each receiver or e-mail. When Google proxy servers request the image, the sender knows the user or message corresponding to the unique URL is active or has been viewed. In Moore’s tests, the proxy servers requested the image each subsequent time the Gmail message was opened, at least when he cleared the temporary Internet cache of his browser. That behavior could allow marketers—or possibly lawyers, stalkers, or other senders with questionable motives—to glean details many receivers would prefer to keep to themselves. For instance, a sender could track how often or at what times a Gmail user opened a particular message.

via Dear Gmailer: I know what you read last summer (and last night and today) | Ars Technica.

The key to this issue is that Gmail now displays images in email by default, a setting that should always be off. To fix this, Google must cache all images upon receipt of every email. Doing it when a user requests an email defeats the entire purpose. It’s always good practice to view all email with images off, no matter what the provider claims.

Nokia’s MITM on HTTPS traffic from their phone

From the tests that were performed, it is evident that Nokia is performing a Man In The Middle Attack for sensitive HTTPS traffic originated from their phone and hence they do have access to clear text information which could include user credentials to various sites such as social networking, banking, credit card information or anything that is sensitive in nature.

via Nokia’s MITM on HTTPS traffic from their phone « Treasure Hunt.