Snort mailing list archives
Re: SSL traffic block using Snort rules
From: waldo kitty <wkitty42 () windstream net>
Date: Mon, 25 Aug 2014 22:14:30 -0400
On 8/25/2014 9:36 AM, Ravi Kukadia wrote:
Hi, I wanted to understand that is it possible to block SSL traffic using Snort rules? I wanted to block https websites on my network but not sure whether I can do with Snort or not.
yes, it is possible... simply detect the originating SYN on the port and drop... but then why do all that when you can simply drop/block on the firewall?? -- NOTE: No off-list assistance is given without prior approval. Please *keep mailing list traffic on the list* unless private contact is specifically requested and granted. ------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- SSL traffic block using Snort rules Ravi Kukadia (Aug 25)
- Re: SSL traffic block using Snort rules Joel Esler (jesler) (Aug 25)
- Re: SSL traffic block using Snort rules waldo kitty (Aug 25)