Snort mailing list archives

Re: IDS & HTTPS


From: Jason Costomiris <jcostom () jasons org>
Date: Fri, 29 Mar 2002 12:53:43 -0500

On Fri, Mar 29, 2002 at 10:30:59AM -0500, Ryan Johnson wrote:
:     Hi everyone,
:         
:            Do any open source tools exist to terminate an ssl connection 
: and once the traffic has been decrypted, pass it back to a regular 
: webserver? It looks like stunnel might be able to do this. I searched 
: google groups and someone suggested the same idea, but I have never heard 
: of it being implemented. Of course you can probably guess my reasoning 
: for wanting to do this, so I can use an ids to sniff the traffic. I was 
: told this appliance has the ability to do this 
: http://www.f5networks.com/BIGIP5K/

You could probably do that with stunnel, but you're likely to take quite
a hit performance-wise.  What you're describing is how 99.999% of the SSL
acceleration appliances out there operate.

-- 
Jason Costomiris <><           |  Technologist, geek, human.
jcostom {at} jasons {dot} org  |  http://www.jasons.org/ 
          Quidquid latine dictum sit, altum viditur.
                    My account, My opinions.
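
An added illustration of the setup discussed in this message, not part of the original post and not taken from the stunnel or Snort projects: a stunnel server-mode configuration that terminates SSL and forwards cleartext HTTP to a web server, so an IDS sensor on the hop between the two sees decrypted requests. The certificate path and backend address are placeholders, and the config-file syntax assumes stunnel 4 or later.

```ini
; stunnel.conf (added example; paths and addresses are placeholders)

[https]
; Server mode: stunnel accepts SSL and speaks plaintext to the backend.
client = no

; Certificate and private key presented to browsers (combined PEM file).
cert = /etc/stunnel/www.example.test.pem

; Accept SSL connections from clients on the public HTTPS port.
accept = 443

; Forward the decrypted stream as plain HTTP to the web server.
; 192.0.2.10 is a documentation address standing in for the backend.
; The IDS sensor monitors the segment (or loopback interface) that
; carries this hop, where the traffic is no longer encrypted.
connect = 192.0.2.10:80
```

With this layout the web server and the IDS see stunnel's address as the source of every request, so alerts have to be correlated with stunnel's connection log to recover the real client IP. The cleartext hop should stay on a trusted segment, since anything else attached to it can read the traffic as well.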
