[Snort-openappid] New to Snort & App-id

Vaibhav parlekar vaibhav.parlekar at ...8...
Tue May 12 14:23:38 EDT 2015


Hi Edison,

Thanks a lot for this. Do you mean MIT man in the middle function where in
snort can intercept the ssl request and decrypt and read and understand the
app.

I didn't get the part of Squid + ICAP Echo. Sorry for my novoice question.

Regards

Vaibhav

On Tue, May 12, 2015 at 5:30 PM, Edison Figueira Junior <efjgrub at ...8...>
wrote:

> Hi Vaibhav,
>
> you need a MIT to snort detect this traffic.
>
> squid + icap echo is an option.
>
> Enviado do meu iPhone
>
> > Em 12/05/2015, às 08:44, Vaibhav parlekar <vaibhav.parlekar at ...82....>
> escreveu:
> >
> > Hi,
> >
> > I am completely new to snort & App-id but I have worked on other
> commercial IPS. My query is do we have to turn on the SSL decryption
> function on snort for detecting ssl applications like facebook-chat,
> facebook-games which are only shown once the user is authenticated to
> facebook and the entire communication is in SSL after that.
> >
> > Regards
> >
> > Vaibhav
> >
> ------------------------------------------------------------------------------
> > One dashboard for servers and applications across Physical-Virtual-Cloud
> > Widest out-of-the-box monitoring support with 50+ applications
> > Performance metrics, stats and reports that give you Actionable Insights
> > Deep dive visibility with transaction tracing using APM Insight.
> > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> > _______________________________________________
> > Snort-openappid mailing list
> > Snort-openappid at lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/snort-openappid
> >
> > Please visit http://blog.snort.org to stay current on all the latest
> Snort news!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20150512/848520eb/attachment.html>


More information about the Snort-openappid mailing list