Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: SSL traffic block using Snort rules

From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 25 Aug 2014 22:14:30 -0400
On 8/25/2014 9:36 AM, Ravi Kukadia wrote:

Hi,

I wanted to understand that is it possible to block SSL traffic using Snort
rules? I wanted to block https websites on my network but not sure whether I can
do with Snort or not.


yes, it is possible... simply detect the originating SYN on the port and drop... 
but then why do all that when you can simply drop/block on the firewall??

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Snort-sigs mailing list
Snort-sigs () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
http://www.snort.org


Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: