[Snort-users] encrypted traffic

Marcio Guerreiro marcio.guerreiro at ...16117...
Mon Aug 10 09:59:11 EDT 2015

Hi all


I have a question… I hope you guys can suggest me something to read about it…


Considering that a great number of websites use SSL and the Snort documentation suggests that we should not enable encrypted traffic verification.. what it is going to happen ?



1 - Should Snort be deployed with powerful hardware capable to deal with the expensive computational demand generated by encrypted traffic ?


2 - Should I remove  noinspect_encrypted from my snort.conf and enable the encrypted verification ?


3 - if I enable that, will Snort verify the whole packet contents ? (data payload) 




Thank you



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150810/7946c761/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 70108 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20150810/7946c761/attachment.png>

More information about the Snort-users mailing list