[Snort-users] Encrypted sessions

Michael Scheidell scheidell at ...3799...
Tue Nov 27 14:51:02 EST 2001


> Date: Tue, 27 Nov 2001 14:53:22 -0600
> From: "Ronneil Camara" <ronneilc at ...4042...>
> To: <snort-users at lists.sourceforge.net>
> Subject: [Snort-users] Encrypted sessions
>
> How does snort deal with encrypted communication. Let say, I would to
> monitor https connection to my web server or we've got an encrypted
> connection to other mail server. Would snort know about those attacks?
>
> This is what the big vendor company mentioned to me about snort's
> weakness.

And the 'big vendor' can decrypt encrypted sessions? or are they just
blowing smoke?
No, snort will not decrypt ssh or ssl sessions and I doubt 'big vendor' can
either.







More information about the Snort-users mailing list