[LINK] technical question: security alert
Adrian Chadd
adrian at creative.net.au
Thu Mar 5 11:13:16 AEDT 2009
On Wed, Mar 04, 2009, Kim Holburn wrote:
> If they did the return packets from the web-site would go straight to
> the client and not go through the proxy unless they caught them
> somehow. That'd be a complicated setup. Certainly the only ISP I had
> that had a transparent proxy did not do anything fancy like this. I
> ended up knowing lots about that proxy because developing and updating
> websites through a proxy, transparent or no, is a real pain.
Hi.
They can. And they do. And, if they're very nast, they'll strip the
proxy headers (Via, X-Forwarded-For, Squid's X-Cache header, the bluecoat
session header, etc) so you don't even know whats going on.
> --
> Kim Holburn
> IT Network & Security Consultant
Adrian
( (transparent) web proxy/cache developer.)
More information about the Link
mailing list