Snort & Beast TLS attack



  • Can Snort detect and block Beast attack ?

    I'm hosting couple of IIS servers with SSL certificates, but on some SSL Testing website the result says that your servers are exposed to Beast attacks.



  • No. That's a client-side attack that's impossible to detect server-side. The fact it's telling you you're "exposed" to that tells me it's a typical scare-mongering site, every HTTPS server that has to work with a wide range of browsers (eg can't use TLS v1.1+) is "exposed" to that.



  • Thanks for the heads up man..  ;D


Locked