Snort mailing list archives

Previous By Date Next
Previous By Thread Next

encrypted traffic

From: Marcio Guerreiro <marcio.guerreiro () hotmail co uk>
Date: Mon, 10 Aug 2015 14:59:11 +0100
Hi all

 

I have a question… I hope you guys can suggest me something to read about it…

 

Considering that a great number of websites use SSL and the Snort documentation suggests that we should not enable 
encrypted traffic verification.. what it is going to happen ?

 

 

1 - Should Snort be deployed with powerful hardware capable to deal with the expensive computational demand generated 
by encrypted traffic ?

 

2 - Should I remove  noinspect_encrypted from my snort.conf and enable the encrypted verification ?

 

3 - if I enable that, will Snort verify the whole packet contents ? (data payload) 

 

 

 

Thank you

Marcio

 





------------------------------------------------------------------------------

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!
Previous By Date Next
Previous By Thread Next

Current thread: