[Snort-users] Squid to Snort? Decrypted HTTPS traffic

Dorian ROSSE dorianbrice at hotmail.fr
Tue Mar 12 09:45:08 EDT 2019


I Don't know if you knew this program but squid can works which squidguard 🙂

Squidguard is a proxy program who scan the squid program which you can remove the bad using as a malicious page for exemple !

I hope you will like this program,


Dorian ROSSE.
De : Snort-users <snort-users-bounces at lists.snort.org> de la part de Felipe Arturo Polanco via Snort-users <snort-users at lists.snort.org>
Envoyé : lundi 11 mars 2019 21:16
À : snort-users at lists.snort.org
Objet : [Snort-users] Squid to Snort? Decrypted HTTPS traffic


Has anyone been able to redirect decrypted HTTPS traffic from squid to snort for traffic analysis?

Squid provide ICAP format redirection but I haven't found any Snort preprocessor for it.

Is it possible in Snort to analyze HTTPS at least?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-users/attachments/20190312/6c21f6c4/attachment.html>

More information about the Snort-users mailing list