Re: Need to monitor SSL going out of my network

[nick black <dank () suburbanjihad net>]

windows were scaled to handle Daniel Velez's outburst:
> What options are available to me if I need to monitor the SSL HTTPS
> traffic from users on my network to an SSL web server outside that
> requires client authentication during the handshake?

eric rescorla (author of ssl & tls:  designing and building secure
systems) offers his excellent ssldump tool for free at
www.rtfm.com/ssldump.  it'll decode and summarize ssl records, and in an
escrow situation can decode application traffic.

-- 
nick black <dank () reflexsecurity com>
"np:  nondeterministic polynomial-time
the class of dashed hopes and idle dreams." - the complexity zoo


---------------------------------------------------------------------------
Captus Networks - Integrated Intrusion Prevention and Traffic Shaping  
 - Instantly Stop DoS/DDoS Attacks, Worms & Port Scans
 - Automatically Control P2P, IM and Spam Traffic
 - Ensure Reliable Performance of Mission Critical Applications
Precisely Define and Implement Network Security and Performance Policies
**FREE Vulnerability Assessment Toolkit - WhitePapers - Live Demo
Visit us at: http://www.captusnetworks.com/ads/31.htm
---------------------------------------------------------------------------