  1. #1
    Untangler
    Join Date
    Sep 2008
    Posts
    35

    Firefox Add-on that allows HTTPS access to Facebook.

    Came across an add-on that allows the Firefox browser to access Facebook sites using HTTPS. Really concerned about this and wondering, besides eSoft, is there any other way to overcome this?

    Was thinking of blocking the IP addresses, but then how many IPs does Facebook sit on?

  2. #2
    Untangle Ninja Mathiau's Avatar
    Join Date
    Feb 2008
    Location
    Costa Frickn' Rica
    Posts
    1,636


    nslookup facebook.com

    You will get a lot, also dependent on what location you're in. I once blocked all of the ones that came up in CR nslookup, but of course it just found another IP outside of the ones I blocked.

    I really hate that sites are doing their best to not be blocked and find ways around it. I guess UTMs are going to have to find ways to stop HTTPS traffic sometime.
    kv-2 | UT 11.0.1 | Dell R610 Server | Intel Xeon 2.8Ghz Quad Cores | 24Gb DDR3 ECC | 1 Intel QPort NIC | Integrated Broadcom QP | Dell Perc 4i | 6 x 73G 2.5 15k SAS raid 10 | 100mb/100mb | 30mb/30Mb

  3. #3
    Master Untangler neiby's Avatar
    Join Date
    Jun 2009
    Location
    Denver, CO
    Posts
    603


    There's actually an add-on now that forces https for all sites that support it. That could cause a big headache for web filtering.
    Disclaimer: I may or may not have had enough coffee when I'm posting. Interpret my responses thusly.

  4. #4
    Untangle Ninja dwasserman's Avatar
    Join Date
    Jun 2008
    Location
    Argentina
    Posts
    4,367


    It's more a human resources than a tech problem, I think.
    IT was born with this. Today it is Facebook or P2P, yesterday porn, and tomorrow who knows.
    It is a race in which we are always one step behind.
    I have assumed that it is impossible to detect and block everything. But look at trends and suspicious patterns.
    Clear rules (read about acceptable use policies), punishment, and support from the head of the company.
    The world is divided into 10 kinds of people: those who know binary and those who do not

  5. #5
    Untangler
    Join Date
    Sep 2008
    Posts
    35


    Quote: Originally Posted by Mathiau
    nslookup facebook.com

    You will get a lot, also dependent on what location you're in. I once blocked all of the ones that came up in CR nslookup, but of course it just found another IP outside of the ones I blocked.

    I really hate that sites are doing their best to not be blocked and find ways around it. I guess UTMs are going to have to find ways to stop HTTPS traffic sometime.
    Mathiau - Thought of that at first. But then it's HTTPS. If I were to place the FB IPs under the blocked sites, it will still pass through.

  6. #6
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,414


    No, if you use the firewall to block access to an IP address, or the eSoft filter to prevent access to a specific IP address or range... it will stop the traffic.

    The trouble is in SSL, even the URL is encrypted. All the Untangle can really see is the destination IP address, and the source IP address. The rest of the packet is mangled.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  7. #7
    Untangler
    Join Date
    Sep 2008
    Posts
    35


    Quote: Originally Posted by sky-knight
    No, if you use the firewall to block access to an IP address, or the eSoft filter to prevent access to a specific IP address or range... it will stop the traffic.

    The trouble is in SSL, even the URL is encrypted. All the Untangle can really see is the destination IP address, and the source IP address. The rest of the packet is mangled.
    Yup. You're right. If only that were possible. The factor affecting my situation is that some users are allowed on FB (for work-related reasons). My concern is those who are not allowed and who found this method.

  8. #8
    Untangle Ninja Mathiau's Avatar
    Join Date
    Feb 2008
    Location
    Costa Frickn' Rica
    Posts
    1,636


    Have to do a firewall rule then blocking FB, then a rule ABOVE that one that allows it for specific internal IPs.
    kv-2 | UT 11.0.1 | Dell R610 Server | Intel Xeon 2.8Ghz Quad Cores | 24Gb DDR3 ECC | 1 Intel QPort NIC | Integrated Broadcom QP | Dell Perc 4i | 6 x 73G 2.5 15k SAS raid 10 | 100mb/100mb | 30mb/30Mb
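
The rule ordering described in the last post, as an added example that is not part of the original thread and is not Untangle's own code. It assumes first-match evaluation (the first matching rule decides), uses documentation address ranges as constructed stand-ins for the site's IP blocks, and covers only port 443.

```python
import ipaddress

# Constructed sample data: documentation ranges stand in for the site's
# address blocks, RFC 1918 addresses for the permitted internal hosts.
BLOCKED_DST = ["203.0.113.0/24", "198.51.100.0/24"]
ALLOWED_SRC = ["192.168.1.10/32", "192.168.1.11/32"]


def build_rules(allowed_src, blocked_dst, allow_first=True):
    """Return an ordered rule list: per-host allows plus a blanket block."""
    allows = [("pass", s, d, 443) for s in allowed_src for d in blocked_dst]
    blocks = [("block", "0.0.0.0/0", d, 443) for d in blocked_dst]
    return allows + blocks if allow_first else blocks + allows


def evaluate(rules, src, dst, port, default="pass"):
    """First-match evaluation (assumed): the first matching rule decides."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for index, (action, src_net, dst_net, rule_port) in enumerate(rules):
        if (s in ipaddress.ip_network(src_net)
                and d in ipaddress.ip_network(dst_net)
                and port == rule_port):
            return action, index
    return default, None  # nothing matched, e.g. an address not in the list


def shadowed_rules(rules):
    """Indexes of rules that can never match because an earlier rule on the
    same port already covers their whole source and destination range."""
    dead = []
    for i, (_, src, dst, port) in enumerate(rules):
        src_n, dst_n = ipaddress.ip_network(src), ipaddress.ip_network(dst)
        for _, e_src, e_dst, e_port in rules[:i]:
            if (port == e_port
                    and src_n.subnet_of(ipaddress.ip_network(e_src))
                    and dst_n.subnet_of(ipaddress.ip_network(e_dst))):
                dead.append(i)
                break
    return dead
```

Running `shadowed_rules` over a rule set before loading it catches the mis-ordered case where the block sits above the per-host allows, and the `default` result shows why a destination address missing from the block list still gets through.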
