Re: Questions on Snort++

[James Lay <jlay () slave-tothe-box net>]

On 2016-10-21 05:02, Russ wrote:
> On 10/19/16 12:04 PM, James Lay wrote:
> > Hey all,
> >
> > Some questions in regards to Snort++:
> >
> > 1.  As encryption is just about everywhere now, how will Snort++ deal
> > with encryption?
> Snort++ won't fundamentally change this problem.  It is still essential
> that decryption is done before Snort sees the traffic you want to
> inspect.  We are working on enhancements to detect malicious encrypted
> traffic but otherwise it should be whitelisted by the SSL inspector.
> > 2.  Any timeframe on when Snort++ will be out of Alpha stage?
> Alpha 4 will be out before end of year.  I don't want to jinx it by
> being more specific.  :)  It will be a much improved superset of 
> 2.9.8.3
> functionality, but a few things like JavaScript normalization likely
> won't make the cut.  The Beta release follows.
> > Thank you,
> >
> > James

Just what I needed to know...thanks Russ.

James

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most 
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!