SSL Stripping on Intercept X for IOS

Hi MedHead 

I would suggest you run checks once, To check the Wi-Fi network you are connected to, tap Check Wi-Fi. To automatically perform network checks in the background, turn on the Background check. This runs a check every time the device connects to a Wi-Fi network.

Also, please check if the Sophos Anti-virus engine is up to date and then perform another scan. 

Hello,

The checks still periodically show that the SSL stripping is active. I called my Wifi provider to set up a new password, reset the box etc. and yet still the app is saying that SSL stripping is active on my Wifi. The app is up to date and I have had background checking on from the beginning. Is there any possibility that this could be a glitch?

Hi,

Just to add, I have Sophos Home on my laptop and my housemate has the Sophos app for Android and neither of these have detected 'SSL stripping' on our home Wifi. Could you please advise if this is a possible glitch with the IOS app (which may I add is significantly less informative and comprehensive than the Android app)?

Thank you again. 

Hello Shweta, could you kindly reply?

Hi MedHead 

Could you please confirm few things here? 

Is this happening with all the networks also is this error is shown again when connected with the same network(where this error was shown)? Could you please disconnect from the network, forget the network and connect it to it again via your smartphone. Is the error shown again?

Hi Shweta,

Thanks for replying. I have disconnected and forgotten the network numerous times. I have had my Wifi provider change my password and reset the box. I have also reset my iPhone. The message still shows at various times in the day. I do not know about other Wifi networks as I only have one network at home or alternatively use mobile data. 

My flatmate's Sophos app for android does not bring up this message on their phone and neither does my Sophos home for Macbook even though we are all connected to the same Wifi. My AVG security app for IOS also does not bring up any alerts about the Wifi. 

Hopefully this helps.

Hi MedHead 

Would it be possible for you to PM me with Mobile Control logs from the affected device? Check this article, for information regarding collecting the logs.  

0654.sophos_logs.zip

Hi MedHead 

Thank you for the logs, from the logs it seems that the device is connected to a WiFi where the forwarding from http to https is blocked for the URL http://www.sophos.com. It should automatically forward to https://www.sophos.com but that doesn't happen in this WiFi. This seems to be an issue with the router, I would suggest you check with another network once and see if you are still seeing the same issue.

I deal with Sophos a lot. I'm trying to be polite about this but the support is slow, my questions are rarely answered directly. It is an exercise in futility trying to get anything fixed with Sophos central especially the email gateway. I honestly feel like our clients are beta testing it. So tell me how do I get an issue escalated as opposed to an email from support every two weeks, which I respond to with very clear and concise information and then get a response that makes it clear my email wasn't read. Help, I am literally drowning in a weird false threat detection issue that has a wide impact on the clients I'm supporting myccpay.com