[Snort-users] SSL and Snort

PS packetstack at ...11827...
Mon Feb 6 15:56:38 EST 2012


I will also take a look at this. Thanks!

On Feb 6, 2012, at 3:14 PM, Jim Hranicky wrote:

> On Mon, 6 Feb 2012 11:51:32 -0500
> PS <packetstack at ...11827...> wrote:
> 
>> Hello,
>> 
>> Does anyone know of a free/opensource tool which could decrypt ssl
>> and make accessible to snort?
>> 
>> Something like a mitm proxy with the capability to pass the
>> unencrypted packets over to snort for analysis.
>> 
>> Thanks!
>> 
>> Victor Pineiro
> 
> Someone sent this to the Emerging Threats list a while back: 
> 
>  http://lists.emergingthreats.net/pipermail/emerging-sigs/2011-August/015186.html
> 
> Seems like it should work for a regular linux-based router, though
> getting the info to snort would probably take a little work. 
> 
> -- 
> Jim Hranicky
> IT Security Engineer
> Office of Information Security and Compliance
> University of Florida





More information about the Snort-users mailing list