[Snort-openappid] Query regarding encrypted facebook traffic

Costas Kleopa (ckleopa) ckleopa at ...5...
Fri Oct 21 09:36:25 EDT 2016

Make sure you have -k none (to not ignore bad checksums) and -P 9000 (to allow jumbo frames) on your snort command line.

On Oct 21, 2016, at 3:49 AM, Poonam <poonam at ...142...<mailto:poonam at ...144.....>> wrote:


I have just started using the openAppId Application for Snort. But somehow I am not able to capture the facebook traffic. My facebook traffic is SSL encrypted. Can anyone provide me some insight for this?

Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org<http://slashdot.org/>! http://sdm.link/slashdot_______________________________________________
Snort-openappid mailing list
Snort-openappid at lists.sourceforge.net<mailto:Snort-openappid at ...12...rge.net>

Please visit http://blog.snort.org<http://blog.snort.org/> to stay current on all the latest Snort news!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-openappid/attachments/20161021/0acf1fee/attachment.html>

More information about the Snort-openappid mailing list