The HTTPS protocol that all internet users use can be recognised by the
https:// prefix in the URL.
Many users rely on HTTPS for internet banking because it protects against eavesdropping,
and this is exactly where the misconception about the safety of the HTTPS protocol starts.
HTTPS uses encryption and
only protects against eavesdropping:
hackers have already cracked more than one internet bank using a virus-like program on the PCs of the victims.
Encryption is a good feature for internet banking
and at the same time
a good feature for hackers, thieves, proxy tunnels and computer viruses.
Because of the encryption, and because almost all corporate firewalls allow HTTPS traffic without filtering,
HTTPS is beyond any doubt a security threat that needs to be addressed properly.
It is not possible to explain the security threat in detail without going into technical details.
For those who do not understand the technical details, we suggest going to Google and searching for
"punching holes into firewalls"
and looking at the overwhelming list of search results and all the details that are provided to
circumvent the most advanced corporate firewall.
The technical audience can search for
"tunneling SSH over HTTPS".
Proxy tunnels are an easy way to open a gateway from a protected/firewalled LAN to
any computer system in the world and the software to do this is accessible with a simple search on Google.
The tunnel can even be configured to be bi-directional:
from a designated computer system outside the protected LAN
communication to any computer system on the protected LAN can be initiated!!
Various types of proxy tunnels are known to exist and one of the easiest to use is an SSH tunnel.
SSH is short for "secure shell" and implements "security" for communication
(shell, ftp, X Windows,
and any other TCP based application) between computers.
One of its basic features is bi-directional port tunneling.
The port tunneling feature is a
true nightmare for security officers because firewalls have no knowledge of what is done inside an SSH session.
ufdbGuard puts an end to the nightmare of security officers and can block SSH tunnels.
It also blocks proxy tunnels and blocks access to sites that use HTTPS without proper SSL certificates and/or
sites addressed by an (anonymous) IP address.
ufdbGuard respects privacy of users and never decrypts HTTPS traffic.
ufdbGuard dynamically probes HTTPS sites and selectively blocks HTTPS traffic according to these rules:
- always block sites which do not speak SSL+HTTP (e.g. SSH tunnels)
- optionally block known tunneling applications
- optionally block sites without a properly signed SSL certificate
- optionally block sites with weak SSL encryption
- optionally block sites with an IP address in the URL
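
The following added example is not ufdbGuard's code. It illustrates two of the checks listed above on
constructed sample bytes: recognising a peer on port 443 that answers with an SSH banner instead of a TLS
record, and spotting an IP address in the CONNECT target. The function names and the decision policy are
assumptions made for illustration; certificate and cipher checks are not covered.

```python
import ipaddress

# Constructed sample inputs: the first bytes a probe reads from a server on port 443.
SSH_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"                      # RFC 4253 identification string
TLS_SERVER_HELLO = bytes.fromhex("160303007a020000760303")  # TLS record header + ServerHello start


def classify_first_bytes(data: bytes) -> str:
    """Classify what the peer speaks from the first bytes it sends."""
    if data.startswith(b"SSH-"):
        return "ssh"
    # TLS record: content type alert (0x15) or handshake (0x16), version 3.0 to 3.4.
    if len(data) >= 5 and data[0] in (0x15, 0x16) and data[1] == 0x03 and data[2] <= 0x04:
        return "tls"
    return "unknown"


def host_is_ip_literal(connect_target: str) -> bool:
    """True when the host in a CONNECT target ("host:port") is an IP address."""
    if connect_target.startswith("["):          # bracketed IPv6, e.g. [2001:db8::1]:443
        host = connect_target[1:].split("]", 1)[0]
    else:
        host = connect_target.rsplit(":", 1)[0]
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def decide(connect_target: str, first_bytes: bytes, block_ip_urls: bool = True):
    """Hypothetical policy: always block non-TLS peers, optionally block IP-addressed sites."""
    proto = classify_first_bytes(first_bytes)
    if proto != "tls":
        return ("block", f"peer does not speak TLS ({proto})")
    if block_ip_urls and host_is_ip_literal(connect_target):
        return ("block", "IP address in URL")
    return ("allow", "TLS handshake seen")


if __name__ == "__main__":
    for target, data in [("www.example.com:443", TLS_SERVER_HELLO),
                         ("www.example.com:443", SSH_BANNER),
                         ("192.0.2.10:443", TLS_SERVER_HELLO)]:
        print(target, decide(target, data))
```

Neither check needs to decrypt any traffic: both look only at the CONNECT target and at the unencrypted
bytes that open the connection.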