[Oisf-users] Analysis of SSL-decrpyted traffic
Cooper F. Nelson
cnelson at ucsd.edu
Wed Feb 26 21:12:09 UTC 2020
Oh ok, I've never done a deployment like that so I'm not sure how that
would work.
Personally I would run two separate suricata processes, one per interface.
-Coop
On 2/26/2020 2:30 AM, Federico Foschini wrote:
> However I did some testing and it looks like that if I’m only sniffing
> from the firewall interface everything is working fine. The issue
> starts when I’m sniffing both from the mirror port on the switch and
> on the firewall with this configuration:
--
Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042
More information about the Oisf-users
mailing list