1. Home
  2. pfSense Packages
  3. Snort + squid3 (transparent http/https) - inspect ssl traffic?

Snort + squid3 (transparent http/https) - inspect ssl traffic?

  • N

    Hi,

    I am using the snort 2.9.7.0 pkg v3.2.3 package. I am using this package in a home environment and I would be interested in if snort can inspect the https traffic. I have squid running in transparent mode for http and https and this is working. Or is snort only able to inspect the traffic which is not encrypted?

    Thank you for your feedback!

    0
  • marcelloc

    Not sure it will work as squid does a lot of work to intercept it and communication on lan and wan keeps encrypted.

    0
  • bmeeks

    I agree with marcelloc.  Snort would still see only the encrypted traffic and thus not be able to inspect it.

    Bill

    0
  • N

    Hmm,

    wanted to click "Thanks" for both posts but just works for one.
    So thank you for your feedback. Would be a nice feature if it works but it is probably not that easy.

    Thanky you!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy