OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Jason Haar (Jason.Haartrimble.co.nz)
Date: Thu May 02 2002 - 15:39:15 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    On Thu, May 02, 2002 at 12:51:02PM -0400, Slade Edmonds wrote:
    > Could anyone direct me to information regarding snorting SSL traffic? Is it
    > just a matter of taking the rules files designed for monitoring standard
    > http port 80 and adding an ssl port to it?

    Reverse proxies are your friends...

    The world talks to you SSL servers, which in reality are reverse proxies and
    they talk standard HTTP back to the real backend servers. Snort sits in
    between, and can monitor the HTTP traffic.

    Works well :-) 

    -- 
Cheers

    Jason Haar

    Information Security Manager
Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417

    _______________________________________________________________

    Have big pipes? SourceForge.net is looking for download mirrors. We supply
the hardware. You get the recognition. Email Us: bandwidthsourceforge.net
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users