Author Topic: HTTPS and HTTP under WebShield (Read 13976 times)

sded · « **Reply #15 on:** April 19, 2005, 01:06:01 AM »

Took a look at how IE did the secure login vs Opera, since that is what I use. Opera does a conventional login via port 443 for https to your mail site. FF probably does too. IE does something on port 80 instead. Unless you can exclude https://mail.terra.com.br/* (remember the s) I don't see a way to use this site with Webshield and IE. But try excluding the site with https-I can't tell from the help file whether that will work or not. Good luck; Ed.

Lisandro · « **Reply #16 on:** April 19, 2005, 01:07:43 AM »

Quote from: Kamulko! on April 18, 2005, 11:30:11 PM

I think it isn't a firewall setting problem. Just try to open (on IE and other IE-based browsers) Internet Settings->Protection->select the default value (in Italian= Medium).

It's on Medium already... In fact, It'll be useful if anybody could give a right shot into the 'trouble' setting... Testing here is not secure...

Lisandro · « **Reply #17 on:** April 19, 2005, 01:10:20 AM »

Quote from: sded on April 19, 2005, 01:06:01 AM

Unless you can exclude https://mail.terra.com.br/* (remember the s) I don't see a way to use this site with Webshield and IE.

This is very bad...

:'(
https can't be excluded in anyway as avast adds http in front of each added URL automatically and mandatory. $:-\$

sded · « **Reply #18 on:** April 19, 2005, 01:28:34 AM »

What about using "ignored addresses" in webshield to not redirect for the IP of the secure server used? I can't tell which one it is, but it is probably a different IP for the authentication server than for the regular mail server. In other words, redirect the www address IP as usual, don't redirect traffic to the other IPs.

Lisandro · « **Reply #19 on:** April 19, 2005, 04:10:23 AM »

Quote from: sded on April 19, 2005, 01:28:34 AM

What about using "ignored addresses" in webshield to not redirect for the IP of the secure server used?

It does not work... I'm not that worried as Firefox can load it... never mind too much. Thanks for helping me again.

kamulko · « **Reply #20 on:** April 19, 2005, 10:15:36 AM »

This is really not the truth:"Any time your browser uses https: it sets up an SSL connection." Is very easy to simulate a false secured connection. Simply, is possible to show a false https address and keep hidden the true link; also is very easy to show the padlock symbol on a non-secured page. Fishing is based on this tricks. Only the view of html pagesource can say if it is true or not.

About your Firefox problems: I worked to some experiments about and I see that I have your problems only when try to use anonymized proxy servers or "roulette" IP changing. (I hope my words are comprehensibles! Sorry if I write not clearly).

sded · « **Reply #21 on:** April 19, 2005, 03:01:59 PM »

True; should have said "Anytime your browser uses https, it says it is setting up an SSL connection"-of course it could be lying, for the reasons you state.

Lisandro · « **Reply #22 on:** April 21, 2005, 12:04:00 AM »

No one word from Alwil team?
I'm just posting to bring back this thread again to the live ones...

lukor · « **Reply #23 on:** April 22, 2005, 07:05:16 PM »

Quote from: Technical on April 21, 2005, 12:04:00 AM

No one word from Alwil team?
I'm just posting to bring back this thread again to the live ones...

Hello Technical,
you've said that disabling your local proxy did not help. Does this mean, that when you have no proxy in your browser, and WebShield running and redirecting port 80, you can not access your https mails?

thats strange.

Could you please create a packet dump for us? So we can see what's going on your network?

How to do it? Download ethereal here:

http://www.ethereal.com/distribution/win32/

Firstly please download and install WinPcap library:
http://www.ethereal.com/distribution/win32/WinPcap_3_0.exe

Then the ethereal app:
http://www.ethereal.com/distribution/win32/ethereal-setup-0.10.10.exe

It's fairly easy to install (no reboot is needed) and easy to use, just run the program - ethereal, click the first Icon: start the live capture. Then choose you network interface and click OK. Then reproduce the error and the packets will be saved to the log. Save it and mail it to me, please!

Cheers, Lukas

Lisandro · « **Reply #24 on:** April 26, 2005, 11:06:11 PM »

Quote from: lukor on April 22, 2005, 07:05:16 PM

you've said that disabling your local proxy did not help. Does this mean, that when you have no proxy in your browser, and WebShield running and redirecting port 80, you can not access your https mails?

In fact it's not no proxy situation, but disabled proxy.

Quote from: lukor on April 22, 2005, 07:05:16 PM

Could you please create a packet dump for us? So we can see what's going on your network?

Lukas, thanks, but I think it's not necessary.
The problem is on Maxthon and not avast!
(http://forum.maxthon.com/forum/index.php?showtopic=19854)

Author Topic: HTTPS and HTTP under WebShield (Read 13976 times)

sded

Re: HTTPS and HTTP under WebShield

Lisandro

Re: HTTPS and HTTP under WebShield

Lisandro

Re: HTTPS and HTTP under WebShield

sded

Re: HTTPS and HTTP under WebShield

Lisandro

Re: HTTPS and HTTP under WebShield

kamulko

Re: HTTPS and HTTP under WebShield

sded

Re: HTTPS and HTTP under WebShield

Lisandro

Re: HTTPS and HTTP under WebShield

lukor

Re: HTTPS and HTTP under WebShield

Lisandro

Re: HTTPS and HTTP under WebShield