User activity
36 views
Skip to first unread message
Viktor Nikolaev
Aug 13, 2015, 3:51:40 AM8/13/15
to Grase Hotspot
Tell me why the report does not show the URL of websites, but only the volume of traffic What did I do wrong? Grase 3.7, www-portal 3.8RC1 Ubuntu server 12.04
Timothy White
Sep 14, 2015, 5:07:32 AM9/14/15
to Grase Hotspot
Hi Viktor
Assuming everything has worked correctly, the report should show you
the URL's of all HTTP traffic. Due to how HTTPS works, we can't see
any of the URLs, not even the domains, of HTTPS traffic. More and more
traffic is moving to HTTPS, so you'll probably find less in the report
than a few years back.
If you are sure you are accessing HTTP sites, there may be a bug that
needs fixing.
Regards
Tim
> --
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to grase-hotspo...@grasehotspot.org.
> To post to this group, send email to grase-...@grasehotspot.org.
> Visit this group at
> http://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/a554b024-7734-46a1-9d8c-e351fb990b56%40grasehotspot.org.
Assuming everything has worked correctly, the report should show you
the URL's of all HTTP traffic. Due to how HTTPS works, we can't see
any of the URLs, not even the domains, of HTTPS traffic. More and more
traffic is moving to HTTPS, so you'll probably find less in the report
than a few years back.
If you are sure you are accessing HTTP sites, there may be a bug that
needs fixing.
Regards
Tim
> This mailing list is for the Grase Hotspot Project http://grasehotspot.org
> ---
> You received this message because you are subscribed to the Google Groups
> "Grase Hotspot" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to grase-hotspo...@grasehotspot.org.
> To post to this group, send email to grase-...@grasehotspot.org.
> Visit this group at
> http://groups.google.com/a/grasehotspot.org/group/grase-hotspot/.
> To view this discussion on the web visit
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/a554b024-7734-46a1-9d8c-e351fb990b56%40grasehotspot.org.
Firman Bugi
Sep 15, 2015, 12:21:03 AM9/15/15
to Grase Hotspot
hi Tim,
can we get a history or log activity for HTTPS trafic ???
its very use full for control user activity??
thanks for great support
Boegie
Timothy White
Sep 15, 2015, 4:06:38 AM9/15/15
to Grase Hotspot
I've tried my best to write an FAQ about this.
https://github.com/GraseHotspot/grase-www-portal/wiki/FAQ#why-dont-i-see-all-websites-someone-has-visited-in-the-session-report-why-dont-https-sites-show-up
Please feel free to improve the FAQ, especially if you can make it
easier for people to understand!
The short version, HTTPS traffic doesn't pass through the transparent
proxy (and can't) so we can't log it. The methods for logging HTTPS
traffic require the user to modify their device, so I'm not
implementing them. On a side note, I also don't agree with the methods
for inspecting HTTPS traffic, as it's supposed to be secure traffic,
and I don't want someone doing online banking to be exposed to
unnecessary risks because someone wants to see exactly what URL's you
are accessing.
Regards
Tim
> https://groups.google.com/a/grasehotspot.org/d/msgid/grase-hotspot/07bf9db0-9081-4273-98ce-5f2c013184a2%40grasehotspot.org.
https://github.com/GraseHotspot/grase-www-portal/wiki/FAQ#why-dont-i-see-all-websites-someone-has-visited-in-the-session-report-why-dont-https-sites-show-up
Please feel free to improve the FAQ, especially if you can make it
easier for people to understand!
The short version, HTTPS traffic doesn't pass through the transparent
proxy (and can't) so we can't log it. The methods for logging HTTPS
traffic require the user to modify their device, so I'm not
implementing them. On a side note, I also don't agree with the methods
for inspecting HTTPS traffic, as it's supposed to be secure traffic,
and I don't want someone doing online banking to be exposed to
unnecessary risks because someone wants to see exactly what URL's you
are accessing.
Regards
Tim
bugi....@gmail.com
Sep 15, 2015, 4:41:36 AM9/15/15
to Timothy White
Thank you Tim, I'm really appreciate with you, i understand about security access especially Https, i dont think to get url who's access mobile or internet banking, i ask this because you say "more and more traffic moving to HTTPS', if its can we get url log for HTTPS access, we do it becouse it's educational institution, much of website now using https not just internet banking, bitcoin mining, youtube, social networking, dating or porn site. And much more.
I just want discuss with you about HTTPS activities..
Thank you "grasehotspot is really HotSpot Solution "
Regards
Boegie
Original Message
From: Timothy White
Sent: Selasa, 15 September 2015 15.06
To: Grase Hotspot
Reply To: grase-...@grasehotspot.org
Subject: Re: [GRASE-Hotspot] User activity
Reply all
Reply to author
Forward
0 new messages