Snort mailing list archives
Re: AW: ssh vs stunnel
From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 01 Jul 2003 13:42:17 -0400
At 05:25 PM 7/1/2003 +0200, Jochen Vogel wrote:
this disscusion was started by me. the answer from joerg was that he use stunnel and it works just fine. now i ask about the pros & cons between ssh & stunnel. why should i use stunnel if i can do the same over an ssh port forwarding. whats is better with stunnel? thx
Google is your friend. Found via a search for: stunnel ssh http://www.monkey.org/openbsd/archive/misc/0306/msg00906.html
Given the recent security issue with stunnel, I'd favor either the native SSL or SSH tunnel for this purpose.
(note: the context of the above quote is regarding MySQL native SSL support, vs stunnel vs ssh tunnels.)
One of the recent problems in stunnel boiled down to being vulnerable to the RSA timing attack present in OpenSSL.
http://www.securityfocus.com/archive/1/316211 And another vulnerability where stunnel itself had unsafe SIGCHLD handling: http://www.securityfocus.com/archive/1/306442 Both of those vulnerabilities were this year. ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- AW: ssh vs stunnel Jochen Vogel (Jul 01)
- Re: AW: ssh vs stunnel Skip Carter (Jul 01)
- Re: AW: ssh vs stunnel Matt Kettler (Jul 01)
- <Possible follow-ups>
- AW: ssh vs stunnel Jochen Vogel (Jul 02)