[Snort-sigs] SSL traffic block using Snort rules

waldo kitty wkitty42 at ...3507...
Mon Aug 25 22:14:30 EDT 2014


On 8/25/2014 9:36 AM, Ravi Kukadia wrote:
> Hi,
>
> I wanted to understand that is it possible to block SSL traffic using Snort
> rules? I wanted to block https websites on my network but not sure whether I can
> do with Snort or not.

yes, it is possible... simply detect the originating SYN on the port and drop... 
but then why do all that when you can simply drop/block on the firewall??

-- 
  NOTE: No off-list assistance is given without prior approval.
        Please *keep mailing list traffic on the list* unless
        private contact is specifically requested and granted.




More information about the Snort-sigs mailing list