Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

SSL has been seen as the solution to several common security problems. Administrators will often make use of SSL to encrypt communication from point A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

A. SSL is redundant if you already have an IDS in place.

B. SSL will trigger rules at regular intervals and force the administrator to turn them off.

C. SSL will slow down the IDS while it is breaking the encryption to see the packet content.

D. SSL will mask the content of the packet and the Intrusion Detection System will be blinded.

Explanation:
Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload.


