Is there a way to stop clients tunneling SSL connections via "HTTP Connect" method (see http://www.securityfocus.com/bid/4131 or http://www.kb.cert.org/vuls/id/150227 for more details about this issue)? I am running Wingate 4.3. Thank you in advance.
O.
Wingate HTTP Connect Vulnerability (SSL Tunneling)
Moderator: Qbik Staff
5 posts
• Page 1 of 1
Wingate HTTP Connect Vulnerability (SSL Tunneling)
by orestef » Oct 21 03 12:32 pm
- orestef
- Posts: 2
- Joined: Oct 07 03 10:15 am
by orestef » Oct 21 03 7:11 pm
>In WWW Proxy
>- Non-Proxy Requests - check Reject Request (Default)
Ok, i have checked it's as you suggested (Default)!
>- Https - uncheck allow any - add Port 443
Can't find any HTTPS reference in my Wingate 4.3's Gatekeeper. p.s. this installation didn't include ENS.
More suggestions needed.
O.
>- Non-Proxy Requests - check Reject Request (Default)
Ok, i have checked it's as you suggested (Default)!
>- Https - uncheck allow any - add Port 443
Can't find any HTTPS reference in my Wingate 4.3's Gatekeeper. p.s. this installation didn't include ENS.
More suggestions needed.
O.
- orestef
- Posts: 2
- Joined: Oct 07 03 10:15 am
by adrien » Oct 22 03 2:55 am
i think this was a later feature
I would recommend an upgrade to a version of 5... that allows you to lock down which ports you will connect to via the CONNECT method in HTTP, which is the method that browsers use for SSL, which is why it is commonly called SSL support, or SSL tunnelling.
Adrien
I would recommend an upgrade to a version of 5... that allows you to lock down which ports you will connect to via the CONNECT method in HTTP, which is the method that browsers use for SSL, which is why it is commonly called SSL support, or SSL tunnelling.
Adrien
- adrien
- Qbik Staff
- Posts: 5443
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
5 posts
• Page 1 of 1
Who is online
Users browsing this forum: Google [Bot] and 141 guests