Snort mailing list archives
Re: Code Red and port 443 (was RE: Code Red HELP!!!!)
From: Jason Haar <Jason.Haar () trimble co nz>
Date: Thu, 9 Aug 2001 14:49:16 +1200
On Wed, Aug 08, 2001 at 09:28:34AM +0200, Thierry Coopman wrote:
The only way to avoid this is to have a reverse SSL proxy sending the requests, but the source of the *evil* requests will always be originating from the proxy, so you need to match them up with the proxy logs. The proxy can be used to filter unwanted traffic out of the requests too (like de XXXXXXXXX string to buffer overflow the server...
Doesn't the likes of stunnel have a transparent mode? You set up a stunnel server as the router for your Web servers, Internet SSL's to it, and it talks unencrypted to the end hosts. Voila! IDS works and everyone's got "free" SSL support :-) -- Cheers Jason Haar Unix/Special Projects, Trimble NZ Phone: +64 3 9635 377 Fax: +64 3 9635 417 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: http://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- RE: Cod Red HELP!!!!, (continued)
- RE: Cod Red HELP!!!! Nigel Morse (Aug 07)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- RE: Cod Red HELP!!!! Carolyn Beckman (Aug 07)
- Code Red and port 443 (was RE: Code Red HELP!!!!) George D. Nincehelser (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Carolyn Beckman (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Thierry Coopman (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Marsiske Stefan (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Mike Johnson (Aug 08)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Erek Adams (Aug 08)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: Code Red and port 443 (was RE: Code Red HELP!!!!) Jason Haar (Aug 08)
- RE: Cod Red HELP!!!! Nigel Morse (Aug 07)
- RE: Cod Red HELP!!!! s I n (Aug 07)
- Re: RE: Cod Red HELP!!!! Kyle R Maxwell (Aug 07)
- Re: RE: Cod Red HELP!!!! s I n (Aug 08)
- Re: RE: Cod Red HELP!!!! Erek Adams (Aug 08)
- Re: RE: Cod Red HELP!!!! tibuq (Aug 08)
- Re: Cod Red HELP!!!! Advanced Hosting UNIX Admin Daniel Fairchild (Aug 10)