Snort mailing list archives
Re: Code Red and port 443 (was RE: Code Red HELP!!!!)
From: Erek Adams <erek () theadamsfamily net>
Date: Wed, 8 Aug 2001 10:13:16 -0700 (PDT)
On Wed, 8 Aug 2001, Mike Johnson wrote:
If you were really this concerned about your SSL traffic, you've got a couple options. You can buy on of Intel's (someone else may make them, as weel) SSL accelerators that sit in front of your server. It acts as the SSL endpoint and spits plain text out the back end to your web servers. So, the traffic is protected across the big nasty Internet, but it's clear text to your web servers. You would then put snort on the part of the network where the traffic is in clear text. Your other option is to try something similar with stunnel.
Someone PLEASE correct me if I'm wrong but..... SSL uses keys. You should have the key to the servers you control. Grab the key. You could then have a ssl-decode plugin that uses the key to decode the traffic and then pass it thru snort. Of course, I'm not a coder and I'm not a ssl person (at all!) so I might be smokin' crack. ;-) ----- Erek Adams Nifty-Type-Guy TheAdamsFamily.Net _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Cod Red HELP!!!!, (continued)
- RE: Cod Red HELP!!!! Mark Spieth (Aug 07)
- RE: Cod Red HELP!!!! Nigel Morse (Aug 07)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- RE: Cod Red HELP!!!! Carolyn Beckman (Aug 07)
- Code Red and port 443 (was RE: Code Red HELP!!!!) George D. Nincehelser (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Carolyn Beckman (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Thierry Coopman (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Marsiske Stefan (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Erek Adams (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Jason Haar (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: RE: Cod Red HELP!!!! Kyle R Maxwell (Aug 07)
- Re: RE: Cod Red HELP!!!! s I n (Aug 08)
- Re: RE: Cod Red HELP!!!! Erek Adams (Aug 08)
- Re: RE: Cod Red HELP!!!! tibuq (Aug 08)
- Re: Cod Red HELP!!!! Advanced Hosting UNIX Admin Daniel Fairchild (Aug 10)