Skip to main content
N
naglists1-Visitor
1-Visitor
August 24, 2011
Question

ever configured Editor to talk to PE through a proxy?

  • August 24, 2011
  • 6 replies
  • 1212 views
Or have you executed some other strategy for trapping, reviewing, and then
sending the messages Editor creates for the conversation with PE?

--
Paul Nagai

    6 replies

    G
    GarethOakes16-Pearl
    16-Pearl
    August 24, 2011
    Interesting. I haven't tried this but I would be inclined to start with
    packet sniffing (eg. Wireshark) to see what sort of traffic is flowing and
    then perhaps switch to a transparent proxy (eg. Squid) if necessary.



    Is this what you're thinking?



    -G


    N
    naglists1-VisitorAuthor
    1-Visitor
    August 24, 2011
    Something like that. Absent any ideas from Adepter (or a response yet from
    PTC), our security people proceeded to sniff ... My impression is that it's
    more work to sniff than it is to proxy ... so they were a-hoping.

    J
    JeffStevenson1-Visitor
    1-Visitor
    August 25, 2011

    Hi Paul,


    I haven't done this either, but I'm curious as to what information you are trying to capture? Do you want to see the whole conversation between AE and PE or are you looking for something specific?

    N
    naglists1-VisitorAuthor
    1-Visitor
    August 25, 2011
    It's not me directly. It's the security / risk group. They are conducting a
    vulnerability assessment, so I think they are peeking at the SOAP messages
    looking for ways to inject and do other nefarious things. When they are
    done, they will inform us what is wrong with the picture from the
    infrastructure to the tippy top of PE's pointy head.

    On Thu, Aug 25, 2011 at 6:58 AM, Jeff Stevenson <
    jstevenson@gpslsolutions.com> wrote:

    > Hi Paul,
    >
    > I haven't done this either, but I'm curious as to what information you are
    > trying to capture? Do you want to see the whole conversation between AE and
    > PE or are you looking for something specific?
    >
    J
    JeffStevenson1-Visitor
    1-Visitor
    August 26, 2011

    Oh yeah, I've been there. Governance dept. can be a hassle. I have personally have not heard of PE introducing any more or a security risk than any other service traveling through the firewall. I guess they are looking for malicious things that might piggyback on the data packets.


    I would think the data transfered between AE and PE is rather simple. Any tracking software should be able to pick it up. I'd be curious to see the conversation myself.

    N
    naglists1-VisitorAuthor
    1-Visitor
    September 6, 2011
    PTC's response makes explicit a strategy already covered earlier in the
    thread. In the last paragraph, they remind you what should be obvious: This
    is offered as "helpful" but can't be considered "supported." But you knew
    that. Also, I'll add: Don't go installing any "sniffer" without
    understanding *your* company's (or client's) policies on such matters.


    There is no explicit support for Proxies built into Arbortext Editor.
    However a tool such as this has been used by us in the past as an easy way
    to spy on the HTTP traffic.



    We have used a program called “TcpTrace” for things like this. You can
    download it here:



    Terms & ConditionsCookie settingsAccessibility statement