Bro communication via SSL

robin · June 21, 2011, 1:20pm

Hi all,

I'd like to understand to which degree folks are currently using Bro's
built-in support for doing Bro-to-Bro or Bro-to-Broccoli communication
via SSL.

My hunch is that not many installations are using this, though I know
a few that do (note that if you haven't configured SSL specifically,
you are not using it :-).

Those who do use SSL for Bro communication, would it be an option to
replace it with something externally like stunnel?

I'm asking because we're planing to rework the communication layer
quite a bit. Not only has supporting SSL directly been quite a pain in
the past, but we'd also be more flexbile in terms of leveraging
external libraries if SSL were not crucial.

Robin

Martin_Holste · June 21, 2011, 1:32pm

I second this idea. No encryption would help a lot and cut down on
compile requirements. It can also make debugging easier. To achieve
confidentiality, I wire all my NMS together using OpenVPN so they have
their own private network, though stunnel would work just fine as
you've pointed out.

Seth_Hall3 · June 21, 2011, 1:51pm

It actually won't cut down on compilation requirements due to OpenSSL being a required dependency for the next release.

.Seth

robin · June 21, 2011, 7:04pm

(Just to clarify, that dependency is due to new SSL protocol
*analyzer*.)

Robin

Topic		Replies	Views
SSL for FreeBSD/bro Zeek	5	77	May 6, 2022
SSL/TLS parameters used in Bro, Broccoli Zeek	3	57	May 6, 2022
Potential of including TLSv1.3 support in Bro 2.5 Development development	8	61	May 6, 2022
Bro quickstart Zeek	4	63	May 6, 2022
BRO issues Zeek	2	58	May 6, 2022

Bro communication via SSL

Related Topics