I have a box that sends some traffic with proxy_pass to get files from
another of my boxes, faking the URL. Hence acting as a reverse proxy.
All the connections are ssl covered.
Right.
But is the whole reverse proxy broken if one listens with Wireshark to the
traffic of that proxy server?
Will it tell in the clear that I get the file from https://xxx.xxx.xxx.xxx$uri?
Any hope to prevent that? I don't want people to be able to know my other
boxes' IPs.
My boxes are all over Europe, cannot change this.
Is there an option in Nginx that would help there?
If you run wireshark on your main box, you will be able to see the ips
it connects to (but not the urls because of https). However they would
need to be logged into your box to run wireshark and at this point they
could just run a netstat command to find the ips it is connected to.
If you mean can the network operator find these ips? They can use tools
like netflow/sflow on their switches and routers to find these ips
(which is totally out of your control)
There’s no way to prevent this…
Reassuring, but everywhere on the web you can see Wireshark sniffing in/out
packets to any server.
No you can’t.
Hence, they are not connected to the server to sniff packets.
Your conclusion is wrong as it is based on incorrect information.
That is why I started worrying actually !
I would suggest you started worrying because you don’t understand the
threat model you’re trying to mitigate. Please do some more reading
before continuing this thread.
Jonathan