[Oisf-users] Decrypt ssl sessions

Alec Waters Alec.Waters at dataline.co.uk
Mon Nov 21 16:28:12 UTC 2011

Hi Robert, 

> Also, the scenario I described is a much easier problem to solve than the
> general case of decrypting arbitrary SSL traffic. My solution only works if
> the IDS has the private keys necessary to decrypt the traffic, which you
> would be in a position to have if you also control the servers you're
> looking to protect...

If you've got the private key, you can use viewssld to perform on-the-fly decryption of SSL traffic:


Alec Waters CCNP - Infrastructure Manager - Dataline Software Ltd 

Dataline does more than just Software! 
Read about our network security and forensics work here: 

Dataline Software Ltd 
Clarence House, 30-31 North Street, Brighton, BN1 1EB, UK 

Tel: +44 (0)1273 324939 
Fax: +44 (0)1273 205576 
www: http://www.dataline.co.uk 
IPv6: http://www.ipv6.dataline.co.uk
This communication is from Dataline Software Ltd. Dataline Software Ltd is a limited company registered in England and Wales with registered number 1717921 and its registered office at 8 The Drive, Hove, BN3 3JT, United Kingdom. This communication is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s) please note that any form of disclosure, distribution, copying or use of this communication or the information in it or in any attachments is strictly prohibited and may be unlawful. If you have received this communication in error, please return it with the title "received in error" to enquiries at dataline.co.uk then delete the email and destroy any copies of it. Email communications cannot be guaranteed to be secure or error free, as information could be intercepted, corrupted, amended, lost, destroyed, arrive late or incomplete, or contain viruses. We do not accept liability for any such matters or their consequences. Anyone who communicates with us by email is taken to accept the risks in doing so. Opinions, conclusions and other information in this e-mail and any attachments which do not relate to the official business of the firm are neither given nor endorsed by it.

More information about the Oisf-users mailing list