Re: SSL and Snort

[Jim Hranicky <jfh () ufl edu>]

On Mon, 6 Feb 2012 11:51:32 -0500
PS <packetstack () gmail com> wrote:

> Hello,
>
> Does anyone know of a free/opensource tool which could decrypt ssl
> and make accessible to snort?
>
> Something like a mitm proxy with the capability to pass the
> unencrypted packets over to snort for analysis.
>
> Thanks!
>
> Victor Pineiro

Someone sent this to the Emerging Threats list a while back: 

  http://lists.emergingthreats.net/pipermail/emerging-sigs/2011-August/015186.html

Seems like it should work for a regular linux-based router, though
getting the info to snort would probably take a little work. 

-- 
Jim Hranicky
IT Security Engineer
Office of Information Security and Compliance
University of Florida

------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!