Snort mailing list archives
Re: Using a transparent SSL proxy like mitmproxy or SSLSplit with Snort.
From: Russ <rucombs () cisco com>
Date: Fri, 16 Oct 2015 17:26:44 -0400
Oliver, That sounds like a fun project. If you are using Snort 2.X, a modified DAQ is a good way to go since it fits in the architecture well. For Snort++, I'd recommend implementing it Snort itself. We have the latter on our roadmap. Good luck! Russ On 10/16/15 5:07 PM, Olivier Soucy wrote:
Hi! I’m Olivier Soucy and I’m a student of Sherbrooke University. I have a project to use a transparent SSL proxy with snort. Me and my team want to modify the code of afpacket daq to decrypt secure connections with the proxy. Do you think it is the best solution to analyse and process encrypted data with snort? Thanks to answer me! Olivier Soucy Student in computer science at Sherbrooke University ------------------------------------------------------------------------------ _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------ _______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Using a transparent SSL proxy like mitmproxy or SSLSplit with Snort. Olivier Soucy (Oct 16)
- Re: Using a transparent SSL proxy like mitmproxy or SSLSplit with Snort. Russ (Oct 16)