[Snort-users] Re: Project PigRoast and logging...

Jed Pickel jed at ...153...
Wed Oct 11 13:49:38 EDT 2000


> just out of curiosity, is the mysql traffic encrypted in anyway? has
> anyone configured snort to log to a database through an ssl tunnel?
> yonah

The database plugin uses the mysqlclient library which does not
encrypt traffic in the latest stable versions (it does not send a
plaintext password though). Using stunnel or ssh port forwarding is
currently the only way to encrypt mysql traffic. There are a few
people out there doing this. I have heard the MySQL developers added
SSL support in their beta version but I was unable to track down any
documentation of this last time I checked. Once I can track down some
docs about this I will be sure to add support for it in the database
plugin.

* Jed



More information about the Snort-users mailing list