Snort mailing list archives

Re: AW: ssh vs stunnel

From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 01 Jul 2003 13:42:17 -0400

At 05:25 PM 7/1/2003 +0200, Jochen Vogel wrote:

this disscusion was started by me.

the answer from joerg was that he use stunnel and it works just fine.

now i ask about the pros & cons between ssh & stunnel.

why should i use stunnel if i can do the same over an ssh port forwarding.
whats is better with stunnel?

thx


Google is your friend. Found via a search for: stunnel ssh


http://www.monkey.org/openbsd/archive/misc/0306/msg00906.html

Given the recent security issue with stunnel, I'd favor either the
native SSL or SSH tunnel for this purpose.

(note: the context of the above quote is regarding MySQL native SSLsupport, vs stunnel vs ssh tunnels.)

One of the recent problems in stunnel boiled down to being vulnerable tothe RSA timing attack present in OpenSSL.


http://www.securityfocus.com/archive/1/316211

And another vulnerability where stunnel itself had unsafe SIGCHLD handling:

http://www.securityfocus.com/archive/1/306442

Both of those vulnerabilities were this year.



-------------------------------------------------------
This SF.Net email sponsored by: Free pre-built ASP.NET sites including
Data Reports, E-commerce, Portals, and Forums are available now.
Download today and enter to win an XBOX or Visual Studio .NET.
http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

AW: ssh vs stunnel Jochen Vogel (Jul 01)
- Re: AW: ssh vs stunnel Skip Carter (Jul 01)
- Re: AW: ssh vs stunnel Matt Kettler (Jul 01)
- <Possible follow-ups>
- AW: ssh vs stunnel Jochen Vogel (Jul 02)