Decrypt Web Server SSL with Squid3 Reverse Proxy for Snort inspection

pfSense Packages
Log in to reply
  • X

    What I'm trying to make happen is to use Squid3 Reverse Proxy to decrypt incoming SSL traffic to a web server so that I can inspect with Snort.
    Is that possible?

    If so, I can provide what I've configured so far and maybe someone can help me figure out what I'm missing?

    If Squid3 and Snort cannot be used in this way, can someone recommend to me what I should be using?

    Thanks very much.

    0
  • X

    Would I be better off using Proxy Server with Mod_Security?

    0
  • marcelloc

    @xbaldx:

    Would I be better off using Proxy Server with Mod_Security?

    Yes, as modsecurity will do a better job then snort in http inspection.

    Current modsecurity package is quite old and missing some features. I'm working on a new package version, but I'm not having much free time to finish it.

    0
  • X

    OK thanks for the reply.  I'll keep an eye out for the package.

    0

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy