Hey Guys,
I was just referred to Fiddler by someone who claims to want to use it in a similar way as myself.
What I am looking for is somewhat of a total web-block but with whitelist exception. Currently in policy we have this implemented via a IE proxy site exclusion list where the proxy defined is a dummy IP / Port.
This seems to work fine for static sites, with no 3rd party XSS or referrer domains... We are running into a scenario now wherein we are moving to 0365 in the cloud. I had run a http trace as well as looked up the official MS documentation of all required URL/Domain space to whitelist. Even just this, and using TLD declarations, the list is pretty long. Further there seem to be all sorts of other referenced sites and files, which aren't explicitly whitelisted. All on top of other providers sites which have their own sites they call in the background, which causes issues while waiting for DNS and the fake proxy to timeout.
Rumor has it Fiddler can allow an explicitly whitelisted domain be allowed to also allow traffic / connections to sites that the whitelisted site references...
Is this true?? Can it be used in conjunction with WPAD (which is the model we hope to move to)
Can anyone give me some pointers or info as to where to start?? I suppose by validating or crushing my current understanding.. ;-)
Cheers,
Matt
I was just referred to Fiddler by someone who claims to want to use it in a similar way as myself.
What I am looking for is somewhat of a total web-block but with whitelist exception. Currently in policy we have this implemented via a IE proxy site exclusion list where the proxy defined is a dummy IP / Port.
This seems to work fine for static sites, with no 3rd party XSS or referrer domains... We are running into a scenario now wherein we are moving to 0365 in the cloud. I had run a http trace as well as looked up the official MS documentation of all required URL/Domain space to whitelist. Even just this, and using TLD declarations, the list is pretty long. Further there seem to be all sorts of other referenced sites and files, which aren't explicitly whitelisted. All on top of other providers sites which have their own sites they call in the background, which causes issues while waiting for DNS and the fake proxy to timeout.
Rumor has it Fiddler can allow an explicitly whitelisted domain be allowed to also allow traffic / connections to sites that the whitelisted site references...
Is this true?? Can it be used in conjunction with WPAD (which is the model we hope to move to)
Can anyone give me some pointers or info as to where to start?? I suppose by validating or crushing my current understanding.. ;-)
Cheers,
Matt