[Snort-devel] ssldump...

Martin Roesch roesch at ...48...
Thu Nov 23 00:35:09 EST 2000


Fyodor wrote:
> 
> On Mon, Nov 13, 2000 at 06:16:01PM -0500, Jed Pickel wrote:
> > > There was an idea floating around regarding snort plugin to 'dump' ssl traffic
> > > if secret keys are available, today my co-worker pushed me a url to
> > > ssldump which appeared on freshmeat.net, quite interesting creature on the same
> > > topic, any comments? :)
> >
> > Funny. I just noticed the same thing today on packetstorm. This could
> > __kick ass__ as a preprocessor/detection plugin! There is a custom
> > (non-gpl) license included with the distro. We ought to get in touch
> > with Eric Rescorla (the author) and see if he is up for incorporating
> > this functionality in Snort.
> >
> 
> 
>  well, in worst case we can just take and rewrite code, I guess, no? :)
> but indeed it makes sence to talk to the guy first :)

Definitely.  If we could integrate this functionality into Snort it'd kick
some serious butt.  Maybe we could beat the commercial guys to the punch with
this one. :)

   -Marty

-- 
Martin Roesch
roesch at ...48...
http://www.snort.org



More information about the Snort-devel mailing list