[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ssldump-users
Subject:    Re: FWD: write to file
From:       Todd Holloway <todd () duckland ! org>
Date:       2002-12-20 17:14:51
[Download RAW message or body]

what I'm trying to do is pass the decrypted HTTPS traffic to snort
through a "pipe". 

I can already "pipe" tcpdump writes to ssldump, but w/o ssldump 
ability to write BPF I can't see getting snort to read that 
decrypted HTTPS traffic.

oh well...thanks for all your help.

todd

On Fri, Dec 20, 2002 at 09:03:41AM -0800, Eric Rescorla wrote:
> For some reason the administrivia filter bounced this.
> ---------------------
> No, you can't use ssldump to save to file. Use tcpdump for that.
> 
> -Ekr
> 
> 
> To: ssldump-users@rtfm.com
> Subject: write to file?
> Message-ID: <20021220164917.GB13385@duckland.org>
> Mime-Version: 1.0
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> User-Agent: Mutt/1.4i
> X-Spam-Status: No
> X-Disclaimer: Duckland.org reserves the right to read and modify any email passing \
>                 through here or just drop it on the floor.  You have been warned
> X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang)
> 
> ok now that I can read BPF...can I write them?
> 
> todd
> 
> -- 
> [It] contains "vegetable stabilizer" which sounds ominous.  How unstable are \
> vegetables?  Jeff Zahn

-- 
[It] contains "vegetable stabilizer" which sounds ominous.  How unstable are \
vegetables?  Jeff Zahn


[prev in list] [next in list] [prev in thread] [next in thread]