Snort mailing list archives
Re: Snort and encrypted protocols
From: Marsiske Stefan <stefan.marsiske () sysdata siemens hu>
Date: Thu, 16 Aug 2001 11:33:48 +0200
good idea, but you'll need all servercertificates on the snortbox for proper decryption. talk about single point of failure/compromise? btw, this is probably very slow. but anyhow a good idea for a plugin. On Thu, Aug 16, 2001 at 10:57:50AM +0200, Renaud Lemble wrote:
Why not using ssldump to replace tcpdump in snort ? You could decode encrypted protocols if snort is use as an host based ids. This will be a very interresting option. -- ------------------------ Renaud LEMBLE renaud.lemble () cetelem fr ------------------------ _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
---end quoted text--- -- Stefan [http://web.interware.hu/stef] UPDATED:001031 gpg-key: http://web.interware.hu/stef/gpg.txt quote: "Hackers do not feel that leisure time is automatically any more meaningful than work time. The desirability of both depends on how they are realized. From the point of a view of a meaningful life, the entire work/leisure duality must be abandoned. As long as we are living our work or our leisure, we are not even truly living. Meaning cannot be found in work or leisure but has to arise out of the nature of the activity itself. Out of passion. Social value. Creativity." _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Snort and encrypted protocols Renaud Lemble (Aug 16)
- Re: Snort and encrypted protocols Marsiske Stefan (Aug 16)
- Re: Snort and encrypted protocols Renaud Lemble (Aug 16)
- Re: Re: Snort and encrypted protocols Marsiske Stefan (Aug 16)
- Re: Snort and encrypted protocols Renaud Lemble (Aug 16)
- Re: Snort and encrypted protocols Marsiske Stefan (Aug 16)