[Snort-users] Problem to read the payload from port 443

orkid 1116 orchidla7484 at ...131...
Wed May 10 14:45:21 EDT 2006

  I have problem to read the payload from port 443....actually,i already know...of course we can’t read the payload because port 443 is secure layer...
  but maybe have any tools can generate the payload that enable to read...any ideas to solve this problem???i believe this problem must have the solution...but i didn't find....please help me.....as soon as possible....
  this is example of the alert signature
  WEB-MISC SSLv3 invalid Client_Hello attempt
  The example of unreadable payload
    a  ]   
yB–Å&Àt¼*SŠKÚ,ˆû´£êf" ò£nµÔ­ nù#è[1]£/·FÊӝy5À—œŒ5>ËAÜ     
               d b   
    „  €]kõ#¦‡ŒK3¶Ž&¸
  ;ÔeýêÞ¦ê 2®­ïåg

¨¦Ú¨    ›Â%[   
whÎRjýs¶Þ¹úž€ žs€oqá­N™AÌU¼xã*ðîÒ   
  attacked port : 443

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20060510/05088455/attachment.html>

More information about the Snort-users mailing list