ginsko3 at gmail.com
Thu Jan 16 07:12:20 PST 2014
I need to block all SSL traffic going to my Bro box. I was going to
use BPF to accomplish this
task using a zero source address and a port number. So something like this:
#Nothing from src host to dst port
!(src host 0.0.0.0/0 && dst port 443) &&
Does that make sense and will it work? Do you all have any other ways to
permanently filter traffic?
Email: ginsko3 at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro