Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

SSL has been seen as the solution to a lot of common security problems. Administrator will often time make use of SSL to encrypt communications from points A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

A.
SSL will slow down the IDS while it is breaking the encryption to see the packet content

B.
SSL is redundant if you already have IDS’s in place

C.
SSL will mask the content of the packet and Intrusion Detection System are blinded

D.
SSL will trigger rules at regular interval and force the administrator to turn them off

Explanation:
An IDS will not be able to evaluate the content in the packets if it is encrypted.



Leave a Reply 1

Your email address will not be published. Required fields are marked *