AW: Snort and SSL

["Poppi, Sandro" <Sandro.Poppi () wacker com>]

There has been some (amusing ;) discussions on this list about enabling
snort to look into ssl sessions when snort has the required keys to do so.
Take a look on the archives.

But you really don't want to have snort store all private keys!

The only thing snort is able to do is to find that encrypted traffic is
passing but no chance to look into the encrypted data. You can either deny
encrypted traffic on your firewall or trust your users.

So long,
Sandro
> Hi all.
>
> Is Snort able to read the traffic encrypted with SSL, in his 
> network usage? It seems to me that all is encrypted, and then 
> unreadable in this case... Who can give me informations about that?
>
> Thanks in advance.
>
> Benoit
>
> -----------------------------------------------------
> Mail.be, Free WebMail and Virtual Office
> http://www.mail.be
>
>
> _______________________________________________
> Snort-users mailing list
> Snort-users () lists sourceforge net
> Go to this URL to change user options or unsubscribe:
> https://lists.sourceforge.net/lists/listinfo/snort-users
> Snort-users list archive:
> http://www.geocrawler.com/redir-sf.php3?list=snort-users

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users