On Thu, Mar 26, 2009 at 4:24 PM, Walt Williams <walt.williams@gmail.com> wrote:
Snort may or may not detect application layer attacks over ssl, but it
can't do anything to prevent them.  ModSecurity can be configured to
do both.

Snort could be configured also to block attack - eg. as an IPS.

Regards