[OmniOS-discuss] SSH over HTTPS
John D Groenveld
jdg117 at elvis.arl.psu.edu
Tue Dec 17 14:14:49 UTC 2013
In message <52B03A8D.8090309 at gmail.com>, Saso Kiselkov writes:
>Minor side-note, unless the proxy is trying to brutally MITM the session
>(forged certificates and all), then there's absolutely no way for it to
>know if a particular TLS session is carrying HTTPS traffic or something
>else (short of doing some kind of statistical analysis of the traffic
>flow, that is).
I believe Palo Alto Network's product combines statefull firewall and
application proxy inspection.
<URL:https://www.paloaltonetworks.com/content/dam/paloaltonetworks-com/en_US/assets/pdf/tech-briefs/paloaltonetworks-vs-proxy.pdf>
John
groenveld at acm.org
More information about the OmniOS-discuss
mailing list