[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel
- To: hobbit (at) hswn.dk
- Subject: RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel
- From: "T.J. Yang" <tj_yang (at) hotmail.com>
- Date: Mon, 30 Apr 2007 12:39:24 -0500
- Bcc:
From: "Tod Hansmann" <thansmann (at) directpointe.com>
Reply-To: hobbit (at) hswn.dk
To: <hobbit (at) hswn.dk>
Subject: RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel
Date: Mon, 30 Apr 2007 09:06:49 -0600
For 1 & 2, I have some info.
1) No, you can't have it use the same port to accept both traffic. That
would break the rules of networking, so you have to have unencrypted
traffic listening on a different port, OR have some really fancy
iptables rules that I'd rather not think about in detail.
Agree. I mean on one HB server, one port (1984) to accept plain incoming
message.
Another encrypted port(1999) to accept messages from hb client send out
encrypted message.
2) I'm not sure what you're referring to here, but if I have it correct,
you want to redirect encrypted messages (after they've been unencrypted)
to another port on the same server? That's easily doable with iptables
rules, but that will be a learning curve. Stunnel may even have
functionality built in to do this already anyway, so you may want to
look at stunnel's documentation for that.
Yes, I am expecting stunnel will do the redirect work, not iptable.
3) You probably want to check with the stunnel mailing list and/or
documentation on this. I don't know anything about stunnel or its
native capabilities. Sorry =c)
I did. lets wait and see the response I got from the stunnel user list.
It will be easy once I knew it. ;)
tj
Hope that helps.
Tod Hansmann
Network Engineer
-----Original Message-----
From: T.J. Yang [mailto:tj_yang (at) hotmail.com]
Sent: Sunday, April 29, 2007 6:07 AM
To: hobbit (at) hswn.dk
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
>From: Ulric Eriksson <ulric (at) siag.nu>
>Reply-To: hobbit (at) hswn.dk
>To: hobbit (at) hswn.dk
>Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
>Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST)
>
>
>
>On Sat, 28 Apr 2007, T.J. Yang wrote:
>
>>Hi,
>>http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=0000000
0%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c
7c4ebd25761fc90804cf1ce9ea95666c#
>>Send
>>I am starting to test out port 1984 encryption using stunnel approach,
see
>>following wiki notes.
>>
>>http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administrat
ion_Guide#Hobbit.28bb.29_port_1984_encryption
>>
>>Has anyone done this already ? Hoping someone already did this. so I
can
>>shorten my try and error process.
>
>FWIW, we have been using Big Brother clients with stunnel to monitor
remote
>sites for years. It works perfectly. Since Hobbit also uses a simple,
tcp
>based protocol, I see no reason why it shouldn't work as well.
Ulric,
I am new to stunnel and trying to get stunnel to work with hobbit client
and
server.
A few questions here.
1. So basically I can configure a hobbit/bb(using same port) server to
both
accept either encrypted
bb messages or plain one, correct ?
2. I can use tcp-wrapper to restrict only the hobbit server itself can
connect to itself to lock down
plain bb message connection from public, correct ?
3. I got 4.20 stunnel compiled and configured, but the examples on
stunnel.org is for older version which accept "-c" kind of options. I am
having problem to really redirect the bb message from a bb client using
port 1999 to remote hb server which accepting 1999 (then redirect to
local
1984).
I don't know what other stops I need to to fill the following url.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administratio
n_Guide#Configuring_hb_client_to_use_port_1999
>Ulric
>
>To unsubscribe from the hobbit list, send an e-mail to
>hobbit-unsubscribe (at) hswn.dk
>
>
_________________________________________________________________
Download Messenger. Join the i'm Initiative. Help make a difference
today.
http://im.live.com/messenger/im/home/?source=TAGHM_APR07
To unsubscribe from the hobbit list, send an e-mail to
hobbit-unsubscribe (at) hswn.dk
To unsubscribe from the hobbit list, send an e-mail to
hobbit-unsubscribe (at) hswn.dk
_________________________________________________________________
Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check savings
https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&tm=y&search=mortgage_text_links_88_h2bbb&disc=y&vers=925&s=4056&p=5117