[Snort-openappid] New to Snort & App-id

Costas Kleopa (ckleopa) ckleopa at ...5...
Tue May 12 11:20:15 EDT 2015


Snort does not have the ability to do any kind of SSL decryption on its own. These facebook subclassifications are only able to be used if you were running your traffic behind an SSL appliance which allows the decryption of your traffic.

Thanks
Costas

> On May 12, 2015, at 7:44 AM, Vaibhav parlekar <vaibhav.parlekar at ...8...> wrote:
> 
> Hi, 
> 
> I am completely new to snort & App-id but I have worked on other commercial IPS. My query is do we have to turn on the SSL decryption function on snort for detecting ssl applications like facebook-chat, facebook-games which are only shown once the user is authenticated to facebook and the entire communication is in SSL after that.
> 
> Regards
> 
> Vaibhav
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud 
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y_______________________________________________
> Snort-openappid mailing list
> Snort-openappid at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/snort-openappid
> 
> Please visit http://blog.snort.org to stay current on all the latest Snort news!





More information about the Snort-openappid mailing list