HTTPS is a secure connection that uses SSL to encrypt the data and communication between the browser and the server so that no one else can see what data is being transmitted. But does this ensure that no one else knows which sites you have visited over HTTPS?
As networks grow, sharing over networks grows, which has led to a rise in attackers on the network. After many implementations, SSL is here to protect the data we exchange with various sites and make our connections secure, safe and reliable.
SSL mainly works on port 443, which is for HTTPS; here the S stands for secure. In this post we discuss a question that we found on one of the most famous forums, Stackexchange.com.
The question is as follows:
Can your company see what sites you visit through HTTPS?
Can my company see what HTTPS sites I went to?
At work my company uses internet monitoring software (Websense). I know if I visit a https ssl-encrypted site (such as https://secure.logmein.com) they can't see what I'm doing on the site since all the traffic is encrypted. But do they see that I visited https://secure.logmein.com?
The question is quite interesting, and I was curious about this too. In this post we discuss what happens when you connect to a website that uses SSL, such as your bank, mail provider or even a social networking site: can anyone else see which site you are visiting? Well, the answer is yes!
Why so?
First of all, whenever you establish a secure connection through SSL, your browser first sends a request to the web server in HTTP mode; once the server is ready, it can start establishing HTTPS, that is, the SSL-enabled secure connection.
Since the HTTP request is visible to your ISP or network provider, they can see which site you are going to visit. They cannot, however, see what you browsed inside it or what was transmitted after you established the connection, because it is now secure and encrypted.
Another reason I would point out: when you request any website, the request first goes to port 53, that is, DNS, to resolve the IP address of that host. At this moment your request is visible to your network administrator.
If your network administrator uses network monitoring tools such as NetFlow, IP-to-IP sessions or sniffing, they can see the site you visit.
Besides that, if the device you are working on is owned by the company, they can measure and audit the activity on your PC.
Even if you visit those sites through a proxy, the proxy can also see and log the names of the servers you are visiting.
For instance, if you visit https://yourbank.org/anyurl/anypage.html, this will create a request like this (shown here for the host example.org):

    CONNECT example.org:443 HTTP/1.1
    User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b13pre) ...
    Proxy-Connection: keep-alive
    Host: example.org

If your network administrator has implemented logging for this protocol, then yes, they can find out where you went; they can log every site and every URL. However, they will not be able to view the content you viewed, again because of SSL.
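The two places described above where the host name is readable, the DNS query to port 53 and the CONNECT request to a proxy, as an added Python example that is not part of the original post. The function names, the query ID and the sample bytes are constructed for illustration; each parser returns what a monitoring point would read.

```python
import struct

def build_dns_query(hostname, txid=0x1234):
    """Build the wire-format DNS A query a client sends to port 53."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD flag, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii")
                     for p in hostname.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def hostname_from_dns_query(packet):
    """Recover the queried name from an unencrypted DNS query."""
    labels, pos = [], 12  # the question section follows the 12-byte header
    while packet[pos] != 0:
        length = packet[pos]
        if length & 0xC0:  # a plain query name carries no compression pointer
            raise ValueError("unexpected compression pointer")
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii"))
        pos += 1 + length
    return ".".join(labels)

def fields_from_connect(raw):
    """Fields a forward proxy can log from a CONNECT request."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    request_line, *header_lines = head.split("\r\n")
    method, authority, _version = request_line.split(" ")
    if method != "CONNECT":
        raise ValueError("not a CONNECT request")
    host, _, port = authority.rpartition(":")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return {"host": host, "port": int(port),
            "user_agent": headers.get("user-agent")}

# Constructed sample input, modelled on the request shown in the post.
SAMPLE_CONNECT = (b"CONNECT example.org:443 HTTP/1.1\r\n"
                  b"User-Agent: ExampleBrowser/1.0\r\n"
                  b"Proxy-Connection: keep-alive\r\n"
                  b"Host: example.org\r\n\r\n")

if __name__ == "__main__":
    print(hostname_from_dns_query(build_dns_query("example.org")))
    print(fields_from_connect(SAMPLE_CONNECT))
```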
Many enterprises use a BlueCoat proxy; using this, they can view all your encrypted data and the URLs you've visited.
Also, when you establish a connection, the server performs a handshake with the browser and exchanges the certificate. If your administrator is serious about security, they can act as a MITM (man in the middle), and by tracking and cracking the certificate they can see your URLs.
So what can you do to avoid this?
The first answer is: do not use their network or devices. Use your own internet connection, laptop or smartphone to visit those sensitive sites and protect yourself.