The importance of blocking HTTPS proxy tunnels

HTTPS proxy tunnels are a nightmare for any security officer

 
HTTPS is a necessary protocol
HTTPS is a protocol that implements a strong encryption layer around the HTTP protocol.
Data that is sent across the internet using the HTTPS protocol is secured and cannot be decrypted by any eavesdropper. Therefore, HTTPS is a great protocol for financial transactions and many other applications where privacy is desired.

But HTTPS is also a security threat!
HTTPS is also a security threat precisely because it encrypts all data that is sent between a client and a web server. This implies that antivirus software cannot intercept viruses at the gateway of a protected network, and that so-called tunnels with unlimited transfer of data and documents can easily be created between a PC on a protected network and any system on the internet.

Go to Google and type "proxy tunnel". It does not take long to understand that setting up a communication channel between a PC and a home system or any (insecure) system on the internet is very easy and that most web proxies allow it (e.g. Squid, Netcache, iPlanet, etc.). These so-called proxy tunnels can also be used with reverse port forwarding (using SSH), which means that an unauthorised connection can be made from any system on the internet into the protected network, bypassing firewalls.

It also does not matter how good the firewall is!  A security risk exists as long as HTTPS is allowed while there is no countermeasure against proxy tunnels.

Protect your network against proxy tunnels!
ufdbGuard has a unique feature to dynamically detect proxy tunnels. If ufdbGuard is configured to detect proxy tunnels, each website using HTTPS is checked for the existence of tunneling protocols and access is blocked when a tunnel is found. Tunneling protocols like SSH, httptunnel, Barracuda and others are detected and access to websites with tunnels can be blocked.
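To illustrate the kind of check described above, the following added example (not ufdbGuard's own code, and not a description of how ufdbGuard works internally) classifies the first bytes a destination on the HTTPS port sends. It assumes the gateway has recorded two observations per destination: what the server sent before the client spoke, and what it sent in reply to a TLS ClientHello. The function names and sample byte strings are constructed for this example.

```python
import struct

TLS_HANDSHAKE, TLS_ALERT = 0x16, 0x15
MAX_TLS_RECORD = 2**14 + 2048  # upper bound on a TLS record length (RFC 5246)

# Constructed sample observations (not captured from real systems).
SSH_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"
SERVER_HELLO = bytes.fromhex("160303004a02000046") + b"\x00" * 70
HTTP_REPLY = b"HTTP/1.1 400 Bad Request\r\n\r\n"


def classify_server_bytes(data: bytes) -> str:
    """Label the first bytes a server sent: ssh, http, tls, none or unknown."""
    if not data:
        return "none"
    # RFC 4253: an SSH server identifies itself with a line starting "SSH-".
    if data.startswith(b"SSH-"):
        return "ssh"
    if data.startswith(b"HTTP/"):
        return "http"
    # TLS record header: content type (1), version (2), length (2).
    if len(data) >= 5:
        rtype, major, minor, length = struct.unpack("!BBBH", data[:5])
        if (rtype in (TLS_HANDSHAKE, TLS_ALERT) and major == 3
                and minor <= 4 and 0 < length <= MAX_TLS_RECORD):
            return "tls"
    return "unknown"


def verdict(unprompted: bytes, reply_to_client_hello: bytes) -> tuple:
    """Return (decision, reason) for one destination on the HTTPS port."""
    first = classify_server_bytes(unprompted)
    if first == "ssh":
        return ("block", "SSH banner on HTTPS port")
    if first != "none":
        # A TLS server stays silent until it receives a ClientHello.
        return ("block", "server spoke before ClientHello")
    reply = classify_server_bytes(reply_to_client_hello)
    if reply == "tls":
        return ("allow", "TLS handshake record in reply")
    return ("block", "no TLS handshake in reply (%s)" % reply)


if __name__ == "__main__":
    print(verdict(SSH_BANNER, b""))
    print(verdict(b"", SERVER_HELLO))
    print(verdict(b"", HTTP_REPLY))
```

A check like this only catches protocols that run in the clear on the HTTPS port; a tunnel wrapped in a genuine TLS session passes it.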