Author Topic: How to block https sites with ns5gt.. Blocking https facebook..  (Read 1576 times)

ethanhunt

  • Newbie
  • *
  • Posts: 1
  • Karma: +0/-0
    • View Profile
How to block https sites with ns5gt.. Blocking https facebook..
« on: November 15, 2011, 05:38:54 pm »
We are using ns 5gt. I did url filtering and categori filtering for facebook but to join with https to facebook..
How can I block https facebook?

Thanks..


agustus17

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: How to block https sites with ns5gt.. Blocking https facebook..
« Reply #1 on: September 26, 2012, 03:27:33 am »
i got the same problem too..
how can i block facebook traffic that coming via Https?  :-o

gokul2787

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +1/-0
    • View Profile
Re: How to block https sites with ns5gt.. Blocking https facebook..
« Reply #2 on: September 26, 2012, 05:04:07 am »
I am afraid that cannot be done. Traditional URL filtering works by parsing the 'Host' header of http and deciding if the URL has to be permitted or blocked.

But in case of https, this data is encrypted and the firewall has zero visibility into this :(   One workaround I can think of is to figure out the IPs used by the website and block them. But incase of large websites like FB, it is almost impossible to do that, as they use multiple servers.

A better option would be to involve a proxy server or an IDS device which can offload SSL and then inspect underlying HTTP.
Gokulnaath M
JNCIA FWV, JNCIS FWV

agustus17

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: How to block https sites with ns5gt.. Blocking https facebook..
« Reply #3 on: September 26, 2012, 08:10:36 pm »
hi Gokulnaath,thank you for your reply.
hi mr ethanhunt, please accept my apologize for my indelicate about jump in to your post.

what about using websense as a proxy to block facebook traffic via https? is it working?

gokul2787

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +1/-0
    • View Profile
Re: How to block https sites with ns5gt.. Blocking https facebook..
« Reply #4 on: September 26, 2012, 09:50:08 pm »
Welcome agustus17...
I dont have much experience with proxies. But as long as they can work with certificates and intercept SSL, it will work.
Gokulnaath M
JNCIA FWV, JNCIS FWV