Snort & Beast TLS attack

  • Can Snort detect and block Beast attack ?

    I'm hosting couple of IIS servers with SSL certificates, but on some SSL Testing website the result says that your servers are exposed to Beast attacks.

  • No. That's a client-side attack that's impossible to detect server-side. The fact it's telling you you're "exposed" to that tells me it's a typical scare-mongering site, every HTTPS server that has to work with a wide range of browsers (eg can't use TLS v1.1+) is "exposed" to that.

  • Thanks for the heads up man..  ;D

Log in to reply