Paranoid Penguin - Rehabilitating Clear-Text Network Applications with Stunnel
And that, I hope, is enough to start you down the path of Stunnel mayhem. As usual, I've scratched only the surface. I leave it up to you to explore Stunnel's ability to authenticate tunnels with client-certificate checking, its support for TCPwrappers-style access controls and the myriad global and service-specific options supported in stunnel.conf. Let the stunnel(8) man page be your guide, and may your single-TCP-port-using unencrypted-TCP applications be eavesdroppable no more.
Resources for this article: /article/7646.
Mick Bauer, CISSP, is Linux Journal's security editor and an IS security consultant in Minneapolis, Minnesota. He's the author of Building Secure Servers With Linux (O'Reilly & Associates, 2002).
- VMware's Clarity Design System
- Let's Go to Mars with Martian Lander
- Applied Expert Systems, Inc.'s CleverView for TCP/IP on Linux
- My Childhood in a Cigar Box
- Papa's Got a Brand New NAS
- Rogue Wave Software's TotalView for HPC and CodeDynamics
- Panther MPC, Inc.'s Panther Alpha
- Jetico's BestCrypt Container Encryption for Linux
- Simplenote, Simply Awesome!
- GENIVI Alliance's GENIVI Vehicle Simulator