Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

stunnel anybody?

Posted on 2004-04-15
8
Medium Priority
?
339 Views
Last Modified: 2010-04-11
Hi,
 Just want to find out how difficult it is to use stunnel actually. Need to do up a proposal for some security measures, when I came across stunnel. Am a newbie in this area actually. Just wondering if I need to pick tha up, how much time will i need?
And recommendations?
0
Comment
Question by:QLJ
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 6

Accepted Solution

by:
bloemkool1980 earned 1500 total points
ID: 10839840
Well from a regular user point a view it is very hard to use as it is not out-of-the-box solution.
But for a techie familiar with ssh tunneling it would be a peace of cake.
THe security is good meaning that you can encrypt your traffic easy etc... but it has a disadvantage that you cannot see what users are doing in the tunnel. It could be the gate to your network which will make it uncontrolled for yourself. Your IDS will not see anything except a encrypted connection.
I would rather use SSH and tunnel through ssh if possibel and if not I use openvpn as a encryption gateway.
If you are a unix minded it will take you half a day to pick up Stunnel.
What you like to do really ?

0
 
LVL 1

Author Comment

by:QLJ
ID: 10855878
well, what really is the issue is that the company wishes to allow some privileged customers to be able to access some materials online, via our server. However, commercial SSL is not financially viable for us, as we will not be using it as often to maximise its usage.
I had wanted to make use of Windows security to allow login instead, but then it would not be as safe as using encryption, isn't it? Sadly, I am not Unix minded at all, so i guess it's gonna be a mean task to get ssh going... Will interest make up for this?
Is openVPN good for windows? What do you suggest I do?
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10857112
I would suggest OPENVPN as it works well on win2k or later. It is easy to deploy and easy to configure. For ssh you need more configuration to be done if you would like to have a lot of tunnel where OPENVPN tunnels everything.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 1

Author Comment

by:QLJ
ID: 10866338
took a look at OPENVPN. looks slightly friendly than stunnel. However, I am not quite sure if I get this right... I want to be able to encrypt the login and everything in https page. Does OPENVPN allow me to do that? rather than tunneling all the info?
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10866382
if you do https you do not need stunnel.
HTTPS is encrypted all the way.
0
 
LVL 1

Author Comment

by:QLJ
ID: 10866442
I thgt stunnel will enable me to get a certificate for SSL.
Any idea how I can get it to be done with minimal technical assistance? (besides going to a commercial CA)
0
 
LVL 6

Expert Comment

by:bloemkool1980
ID: 10866457
A commercial CA is only needed if you are having commercial activities.
If the HTTPS server is only used by you and people who know you you can generate your OWN certificate either by using Microsoft CA server or by using openssl.
http://tirian.magd.ox.ac.uk/~nick/openssl-certs/ca.shtml this link explains openssl usages
0
 
LVL 1

Author Comment

by:QLJ
ID: 10866502
oh ic.. so I'm mistaken... think I get the idea.. little by little!
0

Featured Post

WEBINAR - Latest Cyber Tips for Defense

Join the WatchGuard Threat Research Team on October 26th for an informative webinar featuring expert tips and tricks for defending your organization from today's latest cyber threats. Don't leave yourself vulnerable to attack. Register for the webinar today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

IF you are either unfamiliar with rootkits, or want to know more about them, read on ....
Will you be ready when the clock on GDPR compliance runs out? Is GDPR even something you need to worry about? Find out more about the upcoming regulation changes and download our comprehensive GDPR checklist today !
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question