|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: AW: [Snort-users] ssh vs stunnel
From: Matt Kettler (mkettler
evi-inc.com)
Date: Tue Jul 01 2003 - 12:42:17 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
At 05:25 PM 7/1/2003 +0200, Jochen Vogel wrote:
>this disscusion was started by me.
>
>the answer from joerg was that he use stunnel and it works just fine.
>
>now i ask about the pros & cons between ssh & stunnel.
>
>why should i use stunnel if i can do the same over an ssh port forwarding.
>whats is better with stunnel?
>
>thx
Google is your friend. Found via a search for: stunnel ssh
http://www.monkey.org/openbsd/archive/misc/0306/msg00906.html
>Given the recent security issue with stunnel, I'd favor either the
>native SSL or SSH tunnel for this purpose.
(note: the context of the above quote is regarding MySQL native SSL
support, vs stunnel vs ssh tunnels.)
One of the recent problems in stunnel boiled down to being vulnerable to
the RSA timing attack present in OpenSSL.
http://www.securityfocus.com/archive/1/316211
And another vulnerability where stunnel itself had unsafe SIGCHLD handling:
http://www.securityfocus.com/archive/1/306442
Both of those vulnerabilities were this year.
-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-userslists.sourceforge.net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]