[Snort-users] Query about description of SSL option in configure

Jason Haar Jason.Haar at ...294...
Wed May 2 19:19:16 EDT 2001


Minor point, but the "--with-openssl=DIR" option in configure. As far as I'm
aware, Snort only uses SSL for issues to do with the XML plugin? If that is
the case, shouldn't that be rewritten as:

--with-openssl=DIR          for SSL support for the XML output module


...until such a time as when Snort natively supports SSL for decrypting
known SSL traffic (like ssldump) on the fly :-)

[HTTPS must be the absolute enemy of IDS systems at the moment. Try matching
signatures when the attacker whacks away at your secure Web server.... :-(]

-- 
Cheers

Jason Haar

Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417




More information about the Snort-users mailing list