Re: Breaking SSL

[Luis Daniel Lucio Quiroz <luis.daniel.lucio () gmail com>]

Snort pre-processor is discontinued, It does not compile against 2.8.  However 
I found viewssld, a daemon that uses dssl lib (owners of ssltech) to crypt and 
drecrypt. It works but, it has a but.

Viewssl reads ssl traffic from a source interface and writes decrypted traffic in 
other interface.  It works, we successfully can snif dummy0 and see "GET 
request" from a https connectioon.  How ever, we are no able to see HTML in 
return.  I dont know if is a miss capability of viewssl or dssl lib does not 
deals with this.

Any of you have tried this?

TIA

Le dimanche 15 mars 2009 10:46:22, Paul Melson a écrit :
> On Sun, Mar 15, 2009 at 12:19 PM, Luis Daniel Lucio Quiroz
>
> <luis.daniel.lucio () gmail com> wrote:
> > If I set a snort in line mode, is it possible to break SSL connectiosn to
> > see what is going on? how?
>
> There's a third-party project for a Snort SSL prepocessor that can do
> this where you have the private key (web servers, SSL VPN, etc.)
>
> http://www.ssltech.net/sfssl/index.html
>
> PaulM


------------------------------------------------------------------------------
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users