[TriLUG] Frontier doing packet inspection?

[Joseph Mack NA3T]

On Sun, 8 Dec 2013, Craig Cook wrote:

>>> Or, what makes you think Frontier is not running a large proxy farm that you 
>>> can't see.? They make the proxy return "friendly" errors.
>>
>> this is the most likely explanation. I take it there's no easy way around 
>> this?
>
> Trying to bypass a proxy like that is difficult.  One thought would be to use 
> a VPN tunnel though the proxy.  Then hope your termination end doesn't use a 
> proxy themselves ;)

ah yes. I vpn back to home from laptops, but I never thought of vpn'ing out from 
home. I could do that, but it would be slow. As long as they're only proxy'ing 
I'm not too worried.

> Some proxies can intercept traffic by doing man-in-the-middle type games.  I 
> know blue coat proxies can intercept ssl traffic and pass it back to you 
> without the user being aware.

On Sun, 8 Dec 2013, David Brain wrote:

> Hopefully not (at least that I am aware of !) - you'd at least have to trust a 
> non-standard CA for SSL inspection/interception to work, at least that's how 
> it works on the BlueCoat (and other web filter products I've seen).  There's 
> some filtering & logging (and of course straight up proxying) that can be done 
> without decrypting SSL based on certificate content, IPs & SNI but nothing 
> that can be seen in the payload itself.  Of course in a corp network pushing 
> out an additional CA cert via group policy or such like is pretty easy....

thanks Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!