On 12 Mar 2002, at 16:00, Sweth Chandramouli wrote: > On Tue, Mar 12, 2002 at 02:34:51PM +0100, Alexandre Dulaunoy wrote: > > > > - How the device handles encrypted connection (like SSL/TLS, SSH...) ? > > - Maybe you can store private key on the sentry box ? (maybe quite dangerous > > I'm not sure I understand these questions; could you clarify them? Understanding that Alexandre is starting from an assumption that what the Sentry is doing is sniffing traffic -- an assumption that Sweth responded to elsewhere, although not quite definitively -- the questions are asking whether the Sentry can sniff *encrypted* traffic. (The second question asks about a specific (but dangerous) way this might be done.) The way I read Sweth's reply to the sniffing assumption -- and I may have misunderstood -- is that the Sentry doesn't (or didn't) sniff traffic passing by or through itself, but relies on logs, etc, from other devices. Those devices could include the local terminus of encrypted traffic, so I don't think it ever needs to see or decrypt the traffic itself. DG --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Wed Mar 13 2002 - 13:21:50 PST