[Snort-users] Snort HTTPS
nahc285 at gmail.com
Tue Mar 12 16:37:02 EDT 2019
Thanks for clarifying.
On Tue, Mar 12, 2019, 4:34 PM Joel Esler (jesler) <jesler at cisco.com> wrote:
> > On Mar 12, 2019, at 4:17 PM, Kai Chan via Snort-users <
> snort-users at lists.snort.org> wrote:
> > Can Snort monitor HTTPS sessions, not just the handshake?
> It can monitor the handshake, however, not much is useful after that, as
> it would be encrypted.
> > Do you have to pay for rule subscriptions to get this?
> No, you'd have to have something decrypting the traffic before it reaches
> Joel Esler
> Manager, Communities Division
> Cisco Talos Intelligence Group
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users