[Snort-users] Problem to read the payload from port 443

orkid 1116 orchidla7484 at ...131...
Wed May 10 14:45:21 EDT 2006


Hello,
   
  I have problem to read the payload from port 443....actually,i already know...of course we can’t read the payload because port 443 is secure layer...
  but maybe have any tools can generate the payload that enable to read...any ideas to solve this problem???i believe this problem must have the solution...but i didn't find....please help me.....as soon as possible....
   
  this is example of the alert signature
   
  WEB-MISC SSLv3 invalid Client_Hello attempt
   
  The example of unreadable payload
   
    
---------------------------------
    a  ]   
---------------------------------
   D[*‑Iï
7g
yB–Å&Àt¼*SŠKÚ,ˆû´£êf" ò£nµÔ­ nù#è[1]£/·FÊӝy5À—œŒ5>ËAÜ     
---------------------------------
       
               d b   
---------------------------------
      c   
---------------------------------
    „  €]kõ#¦‡ŒK3¶Ž&¸
_›^ª€jz+X\³I­àî‹›ö%Ê¥Ò;:ߘ”T´=ÍtZ‚œ~{'±Fò+„¹
bDóøW/#&LË
–_àhÖVKqzFÔïmŸQ   
---------------------------------
  ;ÔeýêÞ¦ê 2®­ïåg

¨¦Ú¨    ›Â%[   
---------------------------------
   ¢rï   
---------------------------------
      
---------------------------------
    8ãHŸSúÞMê!Œ¯zÁÒ¡|
whÎRjýs¶Þ¹úž€ žs€oqá­N™AÌU¼xã*ðîÒ   
   
  attacked port : 443
   



__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20060510/05088455/attachment.html>


More information about the Snort-users mailing list