Snort mailing list archives
Re: Re: Snort-users digest, Vol 1 #1349 - 12 msgs
From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 28 Nov 2001 12:18:22 -0700 (MST)
On Wed, 28 Nov 2001, Suke Li wrote:
RSA is an algorithm based on a one-way direction of big number factorization function. There is no way for anyone who can use a public key to get the private key. SSL is based on RSA algorithm. So, no IDS can decrypt the encrypted sessions in polynomial time. If the network traffic is heaven, how can you decrypt the sessions? That is impossible.
You intentionally share the private key with your IDS, which is what is under discussion. Snort doesn't do this currently, but it's perfectly feasible if someone wants to add the code, and take the performance hit. I don't think anyone is entertaining the idea of actually cracking RSA keys with Snort. :)

Ryan
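Added example, not part of the original messages and not Snort code: a sketch of why sharing the server's private key with a sensor is enough to open a session, with no key cracking involved. It assumes an SSL/TLS RSA key exchange, where the client sends the premaster secret encrypted under the server's public key; the key, the function names and the sample secret are all constructed for illustration.

```python
import os
from typing import Optional

# Constructed demo key built from two Mersenne primes so the example is
# self-contained; a real server key uses random primes.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: the value shared with the sensor
K = (N.bit_length() + 7) // 8      # modulus length in bytes


def client_key_exchange(premaster: bytes) -> bytes:
    """Client: PKCS#1 v1.5 (block type 2) encryption of the premaster secret."""
    pad = bytes(b % 255 + 1 for b in os.urandom(K - 3 - len(premaster)))
    block = b"\x00\x02" + pad + b"\x00" + premaster
    return pow(int.from_bytes(block, "big"), E, N).to_bytes(K, "big")


def sensor_recover_premaster(ciphertext: bytes, d: int) -> Optional[bytes]:
    """Sensor: decrypt a captured ClientKeyExchange with private exponent d."""
    block = pow(int.from_bytes(ciphertext, "big"), d, N).to_bytes(K, "big")
    sep = block.find(b"\x00", 2)
    if block[:2] != b"\x00\x02" or sep < 10:  # bad header or under 8 pad bytes
        return None
    return block[sep + 1:]


def demo() -> bool:
    premaster = b"\x03\x01" + os.urandom(46)   # constructed 48-byte secret
    captured = client_key_exchange(premaster)  # what the sensor sees on the wire
    return sensor_recover_premaster(captured, D) == premaster


if __name__ == "__main__":
    print("sensor recovered premaster secret:", demo())
```

The client and server random values travel in the clear, so a sensor that recovers the premaster secret can derive the same session keys as the server; the per-session RSA private-key operation is the performance hit mentioned in the reply.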