[Snort-users] SSL and Snort

Jim Hranicky jfh at ...5250...
Mon Feb 6 15:14:41 EST 2012


On Mon, 6 Feb 2012 11:51:32 -0500
PS <packetstack at ...11827...> wrote:

> Hello,
> 
> Does anyone know of a free/opensource tool which could decrypt ssl
> and make accessible to snort?
> 
> Something like a mitm proxy with the capability to pass the
> unencrypted packets over to snort for analysis.
> 
> Thanks!
> 
> Victor Pineiro

Someone sent this to the Emerging Threats list a while back: 

  http://lists.emergingthreats.net/pipermail/emerging-sigs/2011-August/015186.html

Seems like it should work for a regular linux-based router, though
getting the info to snort would probably take a little work. 

-- 
Jim Hranicky
IT Security Engineer
Office of Information Security and Compliance
University of Florida




More information about the Snort-users mailing list