[Snort-users] SSL and Snort

Marsiske Stefan - 3244 stefan.marsiske at ...1299...
Tue Mar 13 03:57:37 EST 2001

i tried to do it, but not programatically. i run my services on localhost, and
use stunnel forward to eth0 so snort can check the stuff unencrypted, but this
way you lose the source ip address. so it's not nice. anyhow it would be nice,
but i doubt that it is easy. since you may have more than one private key. how
does snort decide which one to use for decrypting? otherwise computationalwise
this is a hog. but still a nice feature...

On Mon, Mar 12, 2001 at 10:02:09PM -0600, Nalneesh Gaur wrote:
>    Has anyone played with SNort and OpenSSL?  If yes I would like to
>    learn how you are using it.  Does it work by sharing the private key
>    from the server with the SNORT IDS so that snort may decrypt the
>    content?
>    N
---end quoted text---

Stefan [http://web.interware.hu/stef] UPDATED:001031
gpg-key: http://web.interware.hu/stef/gpg.txt
quote: "Hackers do not feel that leisure time is automatically any more
meaningful than work time. The desirability of both depends on how they are
realized. From the point of a view of a meaningful life, the entire
work/leisure duality must be abandoned. As long as we are living our work or
our leisure, we are not even truly living. Meaning cannot be found in work or
leisure but has to arise out of the nature of the activity itself. Out of
passion. Social value. Creativity."

More information about the Snort-users mailing list