Snort mailing list archives
Re: IDS & HTTPS
From: Jason Costomiris <jcostom () jasons org>
Date: Fri, 29 Mar 2002 12:53:43 -0500
On Fri, Mar 29, 2002 at 10:30:59AM -0500, Ryan Johnson wrote: : Hi everyone, : : Do any open source tools exist to terminate an ssl connection : and once the traffic has been decrypted, pass it back to a regular : webserver? It looks like stunnel might be able to to do this. I searched : google groups and someone suggested the same idea, but I have never heard : of it being implemented. Of course you can probably guess my reasoning : for wanting to do this, so I can use an ids to sniff the traffic. I was : told this appliance has the ability to do this : http://www.f5networks.com/BIGIP5K/ You could probably do that with stunnel, but you're likely to take quite a hit performance-wise. What you're describing is how 99.999% of the SSL acceleration appliances out there operate. -- Jason Costomiris <>< | Technologist, geek, human. jcostom {at} jasons {dot} org | http://www.jasons.org/ Quidquid latine dictum sit, altum viditur. My account, My opinions. _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- IDS & HTTPS Ryan Johnson (Mar 29)
- Re: IDS & HTTPS Jason Costomiris (Mar 29)