Snort mailing list archives

Re: Re: Snort-users digest, Vol 1 #1349 - 12 msgs


From: Ryan Russell <ryan () securityfocus com>
Date: Wed, 28 Nov 2001 12:18:22 -0700 (MST)

On Wed, 28 Nov 2001, Suke Li wrote:

> RSA is an algorithm based on a one-way direction of big number
> factorization function. There is no way for anyone who can use a public
> key to get the private key. SSL is based on RSA algorithm. So, no IDS
> can decrypt the encrypted sessions in polynomial time. If the network
> traffic is heaven, how can you decrypt the sessions? That is
> impossible.

You intentionally share the private key with your IDS, which is what is
under discussion.  Snort doesn't do this currently, but it's perfectly
feasible if someone wants to add the code, and take the performance hit.
I don't think anyone is entertaining the idea of actually cracking RSA
keys with Snort. :)

                                        Ryan

