[Bro] Fwd: Logging an SSL Certificate
alvinh999 at gmail.com
Thu Jul 28 06:30:49 PDT 2011
I was just wondering if there was a way to log the SSL certificates from an
SSL handshake. I want to log these so that I can check the signer
specifically and check their authenticity. I have been working in Snort IDS
but I haven't been able to get this to work so I am going to try Bro if it
is possible here instead. The main problems I run into on Snort is the TCP
packets not reassembling and figuring out what content match to look for in
the rules (although I can look through Wireshark and pull something out to
try easily). Is this possible in Bro? Someone told me it would be available
out of box on Bro so I am seriously considering this.
Thanks in advance,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro