[Bro] Stripping SSL on network level
Johanna Amann
johanna at icir.org
Thu Dec 13 14:44:55 PST 2018
Hi,
> I was wondering if it is possible for bro to do monitoring at network level
> and also strip SSL from all the machines in network and log unencrypted
> data?
Bro itself does not support any kind of SSL/TLS decryption. If it is fed
unencrypted data (e.g. sitting behing a SSL terminator) it will happily
log it.
> Has something be done to achieve this or are there any plans?
There are no plans current plans that I know of to implement this.
Johanna
More information about the Bro
mailing list