Vulnerability Development mailing list archives
Re: SSL & IDS
From: Mikael Olsson <mikael.olsson () ENTERNET SE>
Date: Fri, 1 Sep 2000 09:36:34 +0200
Roelof Temmingh wrote:
I am working on an article-thingy, and while writing I stumbled across this: IDS & SSL does not work together well...wow! (this was a joke). Even if you put an IDS on the same platform as the webserver it would not work. How should this be addressed?
You'll likely have to terminate the SSL connection on a reverse proxy machine in front of the web server and do your IDS sniffing after that reverse proxy. -- Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK Phone: +46 (0)660 29 92 00 Direct: +46 (0)660 29 92 05 Mobile: +46 (0)70 66 77 636 Fax: +46 (0)660 122 50 WWW: http://www.enternet.se/ E-mail: mikael.olsson () enternet se
Current thread:
- Re: SSL & IDS Denis Ducamp (Sep 01)
- <Possible follow-ups>
- Re: SSL & IDS Ed Padin (Sep 01)
- Re: SSL & IDS Inno Eroraha (Sep 01)
- Re: SSL & IDS Blue Boar (Sep 02)
- Re: SSL & IDS Bluefish (P.Magnusson) (Sep 01)
- Re: SSL & IDS Timothy J. Miller (Sep 01)
- Re: SSL & IDS Mikael Olsson (Sep 01)
- Re: SSL & IDS Ng Pheng Siong (Sep 02)
- Re: SSL & IDS Dragos Ruiu (Sep 02)
- Re: SSL & IDS Bluefish (P.Magnusson) (Sep 03)
- Re: SSL & IDS Pluto (Sep 08)
- Re: SSL & IDS Ng Pheng Siong (Sep 02)
- Re: SSL & IDS Benjamin P. Grubin (Sep 05)
- Re: SSL & IDS J Edgar Hoover (Sep 01)