Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Query about description of SSL option in configure

From: Brian Caswell <bmc () mitre org>
Date: Wed, 02 May 2001 19:40:44 -0400
Jason Haar wrote:

Minor point, but the "--with-openssl=DIR" option in configure. As far as I'm
aware, Snort only uses SSL for issues to do with the XML plugin? If that is
the case, shouldn't that be rewritten as:

--with-openssl=DIR          for SSL support for the XML output module

...until such a time as when Snort natively supports SSL for decrypting
known SSL traffic (like ssldump) on the fly :-)

[HTTPS must be the absolute enemy of IDS systems at the moment. Try matching
signatures when the attacker whacks away at your secure Web server.... :-(]


No, many things might use this.  I started work on SSL support for
postgres queries.  I'm sure that other plugins might use them as well.

-brian

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
http://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
Previous By Date Next
Previous By Thread Next

Current thread: