[Snort-users] Squid to Snort? Decrypted HTTPS traffic

Joel Esler (jesler) jesler at cisco.com
Mon Mar 11 17:23:10 EDT 2019



> On Mar 11, 2019, at 4:16 PM, Felipe Arturo Polanco via Snort-users <snort-users at lists.snort.org> wrote:
> 
> Is it possible in Snort to analyze HTTPS at least?


Not without prior decryption.  

--
Joel Esler
Manager, Communities Division
Cisco Talos Intelligence Group
http://www.talosintelligence.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190311/a64b49c8/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3010 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190311/a64b49c8/attachment.bin>


More information about the Snort-users mailing list