[Snort-devel] Snort SSL
cmg at ...402...
Fri Oct 4 06:53:03 EDT 2002
"Peter Robinson" <peter at ...1601...> writes:
> Hi there...
> As I a new ot the list I have missed this discussion in the past and could
> not find a definitive answer in the archives
> Is it possible to get snort to decrypt ssl type connections and check them
> against the web* rules ?
Nope. There is no integration with the keying that would be required
to do this type of monitoring.
> I would be happy to use this type of feature to monitor traffic to a single
> https server if possible.
You can use apache mod_ssl as a proxy server to an unencrypted
webserver and let snort run on the intermediate link.
Chris Green <cmg at ...402...>
A watched process never cores.
More information about the Snort-devel