Computer Services in NUIG transparent proxy tracking all HTTP(S) activity

80 views
Skip to first unread message

Paul Mac Eoin

unread,
Sep 9, 2012, 4:44:18 PM9/9/12
to 091labs...@googlegroups.com
I'm not even entirely sure what that means. I know it has the potential for "man in the middle" attacks


Can someone clarify if it is still safe to carry out secure things like online banking/shopping? Pretend I have no faith in the competency nor security of Computer Services.

Thanks!

gerryk

unread,
Sep 9, 2012, 5:11:13 PM9/9/12
to 091labs...@googlegroups.com

They can break the server SSL connection at the proxy and instantiate a new new one from the proxy to your pc. Since they control DNS and the HTTP stream, they can ostensibly claim that the proxy is the server you are connecting to.
They can only do this if they control the client PC as well as the proxy, as they would need to install the relevant root CA cert in your browser, otherwise it will complain, since they are using self-signed certs for this.

gerryk

unread,
Sep 9, 2012, 5:12:30 PM9/9/12
to 091labs...@googlegroups.com

I would consider it unsafe to conduct anything you need to remain private.

On Sep 9, 2012 9:44 PM, "Paul Mac Eoin" <paul.m...@gmail.com> wrote:

Alanna Kelly

unread,
Sep 9, 2012, 6:29:10 PM9/9/12
to 091labs...@googlegroups.com

I would not be doing anything which required security on one of those machines.

Domhnall Walsh

unread,
Sep 9, 2012, 8:41:19 PM9/9/12
to 091labs...@googlegroups.com
Seconded (or since Gerry has said the same, thirded). Also, try the Certificate Patrol plugin for Firefox (fresh install, maybe in a VM) and after browsing to a bunch of HTTPS-heavy sites (e.g. online banking) on a known good connection (say, your home internet) and then try the same on the NUI Galway network and see what certificates it flags. 

Also have the HTTPS Everywhere extension installed to force Firefox's hand as necessary.

(Note: Certificate Patrol will drive you nuts during everyday use, but it rocks for stuff like this) 

Barry Coughlan

unread,
Sep 11, 2012, 12:56:24 PM9/11/12
to 091labs...@googlegroups.com
The cert chain for the IT department computers (treated separate to the rest of the college) doesn't seem to contain anything phishy.

Aaron Hastings

unread,
Sep 11, 2012, 1:29:33 PM9/11/12
to 091labs...@googlegroups.com
Yep, the IT Department ones seem fine. We checked them the other day.
Reply all
Reply to author
Forward
0 new messages