Snort mailing list archives
AW: encrypt barnyard connections
From: Jochen Vogel <jvogel () it-sec de>
Date: Mon, 30 Jun 2003 09:51:07 +0200
Hi Andrew,

in the past I tried to use barnyard and PostgreSQL without encryption. This didn't work, because in the source of barnyard PostgreSQL is not completed yet.

How should I use PostgreSQL with OpenSSL if barnyard does not work with PostgreSQL?

Thx for help
jo

-----Original Message-----
From: Hutchinson, Andrew [mailto:andrew.hutchinson () Vanderbilt Edu]
Sent: Friday, 27 June 2003 17:39
To: Joerg Weber; SnortUsers
Subject: RE: [Snort-users] encrypt barnyard connections

You could do that, or...

<ShamelessPostgreSQLPlug>
you could use PostgreSQL, compiled with the --with-openssl option, and use ssl natively and bypass stunnel altogether. The PostgreSQL installation/configuration documentation explains how to set this up.
</ShamelessPostgreSQLPlug>

:-)

Andrew

Andrew Hutchinson - Network Security
Vanderbilt University Medical Center
(615) 936-2856

-----Original Message-----
From: Joerg Weber [mailto:j.weber () infos de]
Sent: Friday, June 27, 2003 6:31 AM
To: SnortUsers
Subject: Re: [Snort-users] encrypt barnyard connections

Hi,

I would like to encrypt the barnyard connection to the mysql database.
- is this possible over stunnel?

This works just fine for me without any issues. You can run Stunnel with certificates and strict cert checking.

On the snort-box do something like

    stunnel -c -d 127.0.0.1:3306 -r mysql-server-here:3307 -s stunnel -g stunnel

and on the remote mysql box

    /usr/sbin/stunnel -p /usr/share/ssl/stunnel/server.pem -P /tmp/ -d 3307 -r 127.0.0.1:3306 -s stunnel -g stunnel

or, with strict cert checking, something like this on the client

    /usr/sbin/stunnel -c -d 127.0.0.1:3306 -r mysql-server-here:3307 -v 3 -A /usr/share/ssl/stunnel/server.cert -p /usr/share/ssl/stunnel/client.pem -P /var/run/stunnel.pid -s stunnel -g stunnel

on the remote mysql box

    /usr/sbin/stunnel -A /usr/share/ssl/stunnel/all.cert -p /usr/share/ssl/stunnel/server.pem -d 3307 -r 127.0.0.1:3306 -v 3 -P /var/run/stunnel.pid -s stunnel -g stunnel

Now, if you distribute the proper certs to the client and the server, your connection is ssl-encrypted and connections are allowed with the proper certs only.

Works like a charm for me. Oh, it's very possible I goofed up on the pasted lines, you gotta check the parameters of course ;)

Cheers!
--
Joerg Weber
Network Security
infoServe GmbH
Nell-Breuning-Allee 6
D-66115 Saarbruecken
T: (0681) 8 80 08 - 0
F: (0681) 8 80 08 - 59
www.infos.de
E: j.weber () infos de

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users
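
The strict-checking command lines quoted in the message above use the stunnel 3.x option syntax; stunnel 4 and later read a configuration file instead. As an added example (not part of the original thread), here is the same client and server setup written as two configuration files, assuming a stunnel version that still accepts the verify option. The file names and the [mysql-tunnel] service name are made up for illustration; the paths, ports and user/group are the ones from the message.

```ini
; Constructed example: stunnel 4+ configuration files equivalent to the
; "strict cert checking" command lines in the thread. Two separate files,
; shown in one listing; the file names are hypothetical.

; ---------- client (snort/barnyard box): barnyard-client.conf ----------
; -s stunnel -g stunnel -P /var/run/stunnel.pid
setuid = stunnel
setgid = stunnel
pid = /var/run/stunnel.pid

[mysql-tunnel]
; -c
client = yes
; -d 127.0.0.1:3306: barnyard connects here as if it were the MySQL port
accept = 127.0.0.1:3306
; -r mysql-server-here:3307
connect = mysql-server-here:3307
; -v 3 -A server.cert: the peer certificate itself must be present in CAfile.
; Leaving verify out (as in the first pair of commands) still encrypts the
; traffic but does not authenticate the server.
verify = 3
CAfile = /usr/share/ssl/stunnel/server.cert
; -p client.pem: certificate and key presented to the server
cert = /usr/share/ssl/stunnel/client.pem

; ---------- server (MySQL box): barnyard-server.conf ----------
setuid = stunnel
setgid = stunnel
pid = /var/run/stunnel.pid

[mysql-tunnel]
; -d 3307: the only port that has to be reachable from the snort box
accept = 3307
; -r 127.0.0.1:3306: hand decrypted traffic to the local MySQL
connect = 127.0.0.1:3306
; -v 3 -A all.cert: reject any client whose certificate is not in all.cert
verify = 3
CAfile = /usr/share/ssl/stunnel/all.cert
cert = /usr/share/ssl/stunnel/server.pem
```

With this layout the certificate check only protects the database if MySQL itself is not reachable from the network on port 3306, so binding it to the loopback address on the server is the natural companion setting.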