Snort mailing list archives
encrypted traffic
From: Marcio Guerreiro <marcio.guerreiro () hotmail co uk>
Date: Mon, 10 Aug 2015 14:59:11 +0100
Hi all I have a question… I hope you guys can suggest me something to read about it… Considering that a great number of websites use SSL and the Snort documentation suggests that we should not enable encrypted traffic verification.. what it is going to happen ? 1 - Should Snort be deployed with powerful hardware capable to deal with the expensive computational demand generated by encrypted traffic ? 2 - Should I remove noinspect_encrypted from my snort.conf and enable the encrypted verification ? 3 - if I enable that, will Snort verify the whole packet contents ? (data payload) Thank you Marcio
------------------------------------------------------------------------------
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users Please visit http://blog.snort.org to stay current on all the latest Snort news!
Current thread:
- encrypted traffic Marcio Guerreiro (Aug 10)
- Re: encrypted traffic Victor Roemer (Aug 10)