|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: PS (packetstack
gmail.com)
Date: Mon Feb 06 2012 - 12:53:58 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Do you have personal experience with viewssld?
I would like to do this for connections that are made out to the internet. Since I do not have the private keys for the public web servers, I will be using a proxy server (squid) with its ssl-bump feature to perform the sslmitm. From looking at the config file of viewssld, it looks like I will have to provide a certificate for each website that I would like to monitor. Is that how sslmitm is usually performed?
Do you know if many companies have sslmitm for internet connections, or is it primarily used for reverse proxy implementations?
Thank you!
On Feb 6, 2012, at 12:04 PM, Richard Bejtlich wrote:
> This is a popular question...
>
> http://resources.infosecinstitute.com/ssl-decryption/
>
> Sincerely,
>
> Richard
>
> On Mon, Feb 6, 2012 at 11:51 AM, PS <packetstackgmail.com> wrote:
>> Hello,
>>
>> Does anyone know of a free/opensource tool which could decrypt ssl and make accessible to snort?
>>
>> Something like a mitm proxy with the capability to pass the unencrypted packets over to snort for analysis.
>>
>> Thanks!
>>
>> Victor Pineiro
>>
>>
>> ------------------------------------------------------------------------------
>> Try before you buy = See our experts in action!
>> The most comprehensive online learning library for Microsoft developers
>> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
>> Metro Style Apps, more. Free future releases when you subscribe now!
>> http://p.sf.net/sfu/learndevnow-dev2
>> _______________________________________________
>> Snort-users mailing list
>> Snort-userslists.sourceforge.net
>> Go to this URL to change user options or unsubscribe:
>> https://lists.sourceforge.net/lists/listinfo/snort-users
>> Snort-users list archive:
>> http://www.geocrawler.com/redir-sf.php3?list=snort-users
>>
>> Please visit http://blog.snort.org to stay current on all the latest Snort news!
------------------------------------------------------------------------------
Try before you buy = See our experts in action!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Please visit http://blog.snort.org to stay current on all the latest Snort news!
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]