Use this forum to post questions relating to WinGate, feature requests, technical or configuration problems
Oct 21 03 12:32 pm
Is there a way to
stop clients
tunneling SSL connections via "HTTP Connect" method (see
http://www.securityfocus.com/bid/4131 or
http://www.kb.cert.org/vuls/id/150227 for more details about this issue)? I am running Wingate 4.3. Thank you in advance.
O.
Oct 21 03 2:17 pm
In WWW Proxy
- Non-Proxy Requests - check Reject Request (Default)
- Https - uncheck allow any - add Port 443
Larry
Oct 21 03 7:11 pm
>In WWW Proxy
>- Non-Proxy Requests - check Reject Request (Default)
Ok, i have checked it's as you suggested (Default)!
>- Https - uncheck allow any - add Port 443
Can't find any HTTPS reference in my Wingate 4.3's Gatekeeper. p.s. this installation didn't include ENS.
More suggestions needed.
O.
Oct 21 03 10:59 pm
Is there an Https tab under WWW Proxy?
Oct 22 03 2:55 am
i think this was a later feature
I would recommend an upgrade to a version of 5... that allows you to lock down which ports you will connect to via the CONNECT method in HTTP, which is the method that browsers use for SSL, which is why it is commonly called SSL support, or SSL tunnelling.
Adrien
Powered by phpBB © phpBB Group.
phpBB Mobile / SEO by Artodia.