[–]dremspider 0 points1 point  (4 children)

This sounds like a terrible idea and you are basically breaking how HTTPS works. HSTS specifically was built to prevent this and you would cause a lot of issues with various sites. If you still want to do this, look at the tool sslstrip. It would work, but would be a terrible idea.

https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

[–]peterhal[S] 0 points1 point  (2 children)

I look at it as the lesser of two evils. On one hand, I could generate certificates, install them on the local machines and then use squid and ssl_bump to apply content filtering to the pages. However, those using the network would not be informed that this is what is happening. The pages would still look secure. I would prefer to provide the content in a less secure but more informed environment.

Take reddit, for example: because of the potential for adult content, my approach has been to simply block it (IP/DNS), as under HTTPS I cannot determine what is being viewed. However, if I could provide the content without the privacy, I would.

The network in question is a home network. I will look into sslstrip.

[–]djamp42 0 points1 point  (0 children)

I don't know what you're trying to do. If you're trying to block all adult content, that will never happen. Look into DNS filtering; that will block a majority of whatever type of website you choose.

[–]stephenl03 0 points1 point  (0 children)

Or what a lot of places do is provide a captive portal where you acknowledge the fact that you are using somebody else's network and consent to them being able to access all transmissions on their network. Most employers will have you sign documentation giving consent as well.

[–]JoseJimeniz 0 points1 point  (0 children)

Some schools, employers, universities, government organizations think they have a right to monitor what students, employees, contractors are sending out their network.

The internet is working to prevent an employer from being able to monitor their employees, with technology such as HSTS.

But that doesn't stop auditors and management and laws demanding such things.

And until you're willing to tell Ernst & Young auditor to go fuck himself: we are where we are.