[Snort-users] Squid to Snort? Decrypted HTTPS traffic
dorianbrice at hotmail.fr
Tue Mar 12 09:45:08 EDT 2019
I Don't know if you knew this program but squid can works which squidguard 🙂
Squidguard is a proxy program who scan the squid program which you can remove the bad using as a malicious page for exemple !
I hope you will like this program,
De : Snort-users <snort-users-bounces at lists.snort.org> de la part de Felipe Arturo Polanco via Snort-users <snort-users at lists.snort.org>
Envoyé : lundi 11 mars 2019 21:16
À : snort-users at lists.snort.org
Objet : [Snort-users] Squid to Snort? Decrypted HTTPS traffic
Has anyone been able to redirect decrypted HTTPS traffic from squid to snort for traffic analysis?
Squid provide ICAP format redirection but I haven't found any Snort preprocessor for it.
Is it possible in Snort to analyze HTTPS at least?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users