Snort mailing list archives
Re: Encrypted sessions
From: Ralf Hildebrandt <Ralf.Hildebrandt () charite de>
Date: Wed, 28 Nov 2001 07:48:40 +0100
On Tue, Nov 27, 2001 at 02:53:22PM -0600, Ronneil Camara wrote:
How does snort deal with encrypted communication. Let say, I would to monitor https connection to my web server or we've got an encrypted connection to other mail server. Would snort know about those attacks? This is what the big vendor company mentioned to me about snort's weakness.
And how do they handle that problem? IT'S ENCRYPTED, DUMMY! What is the point of encryption if the IDS can look into the encrypted datastream -- it must have a key. This makes it a high value target. BTW, snort does SSL/TLS. -- Ralf Hildebrandt Tel. +49 (0)30-450 570-155 Fax. +49 (0)30-450 570-916 "Warum Textmails, _moderne Clients_ verstehen doch auch HTML oder .doc" _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Encrypted sessions Ronneil Camara (Nov 27)
- Re: Encrypted sessions Erek Adams (Nov 27)
- Re: Encrypted sessions Chr. v. Stuckrad (Nov 27)
- Re: Encrypted sessions Erek Adams (Nov 27)
- Re: Encrypted sessions Jason Haar (Nov 27)
- Re: Encrypted sessions Chr. v. Stuckrad (Nov 27)
- RE: Encrypted sessions Abe L. Getchell (Nov 27)
- RE: Encrypted sessions Erek Adams (Nov 27)
- RE: Encrypted sessions Abe L. Getchell (Nov 28)
- RE: Encrypted sessions Erek Adams (Nov 27)
- Re: Encrypted sessions Ralf Hildebrandt (Nov 27)
- Re: Encrypted sessions Ralf Hildebrandt (Nov 28)
- <Possible follow-ups>
- Re: Encrypted sessions Mike Shaw (Nov 27)
- RE: Encrypted sessions Michael Aylor (Nov 27)
- Re: Encrypted sessions Fyodor (Nov 27)
- Encrypted sessions Michael Scheidell (Nov 27)
- RE: Encrypted sessions Ronneil Camara (Nov 27)
- RE: Encrypted sessions Bob Walder (Nov 28)
- RE: Encrypted sessions Abe L. Getchell (Nov 28)
- RE: Encrypted sessions Tom Sevy (Nov 28)
- RE: Encrypted sessions Chris Eidem (Nov 28)
(Thread continues...)
- Re: Encrypted sessions Erek Adams (Nov 27)