Https is Secure Connection which uses the SSL to encrypt the data and communication between the Browser and Server so that no one else can see what data are being transmitted. But does this make sure that no one else knows what site you’ve visited in HTTPS mode?
As the Network grows sharing on network grows which led to grow the attackers on the network raised up. After Many implementation, SSL is here with that protect our data from various site to make our connection secure, safe and reliable.
SSL mainly works on Port number 443 which is for HTTPS, here S is for secure. In this post we are going to discuss the question that we found on one of most famous Forum Stackexchange.com.
The Question is as
Can your Company see what site you visit through Https?
Can my company see what HTTPS sites I went to?
At work my company uses internet monitoring software (websense). I know if I visit a https ssl-encrypted site (such as https://secure.logmein.com) they can't see what I'm doing on the site since all the traffic is encrypted. But do they see, that I visited https://secure.logmein.com ?
Question is Quite interesting and even I was also curious about this so far. In this post we are discussing what happens when you connect to any website like your bank or Mail provider or even Social networking site that uses SSL, does anyone else can see what site you are visiting. Well the answer is Yes!
First of All,
Whenever you establish your Secure connection through SSL, your browser first sends request to web server in HTTP mode, once the server is ready it can start establishing the HTTPS, that is SSL enable secure connection.
Since Http request is visible to your ISP or network provider, so they can watch what you are going to visit. Though they cannot see what you browsed inside it what transmission took place after you’ve established your connection because it gone secure and encrypted now.
Another reason I would point
When you request any website, it first goes to port number 53, that is DNS to resolve the IP address of that host, at this moment your request will be visible to your network administrator.
If your network administrator uses any of network monitoring tool such as netflow, IP to IP sessions, sniffing, they can see your site.
Besides that, if the device you are working on is owned by company, they can measure/audit the activity you are doing on your PC.
Even if you visit those sites using any proxy address, those can also see and log the name servers you are visiting.
For instance if you visit https://yourbank.org/anyurl/anypage.html this will create the request like this
CONNECT example.org:443 HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:2.0b13pre) ...
If your Network administrator has implemented the protocol for logging, yes they can get where you went, every site every URL they can log. However they’ll not be able to view the content you’ve viewed again because of SSL.
Many Enterprises uses BlueCoat proxy, using this they can view all your encrypted data URLs you’ve visited.
Also when you establish a connection, server do handshaking with browser and exchange the certificate. Your Administrator can act like MITM (Man in the middle) if they are serious about the security and even tracking and cracking the certificate they can see your URLs.
So what to do for avoiding this!
First answer is, do not use their network or devices use your own net-connect/laptop/Smartphone to visit those sensitive site and secure yourself from those.