[Snort-devel] [SUSPECTED SPAM] [Snort-users] Snort HTTPS
Joel Esler (jesler)
jesler at cisco.com
Tue Mar 12 16:34:06 EDT 2019
> On Mar 12, 2019, at 4:17 PM, Kai Chan via Snort-users <snort-users at lists.snort.org> wrote:
> Can Snort monitor HTTPS sessions, not just the handshake?
It can monitor the handshake, however, not much is useful after that, as it would be encrypted.
> Do you have to pay for rule subscriptions to get this?
No, you'd have to have something decrypting the traffic before it reaches Snort.
Manager, Communities Division
Cisco Talos Intelligence Group
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3010 bytes
Desc: not available
More information about the Snort-devel