[hobbit] hobbit(bb) port 1984 encryption with stunnel

T.J. Yang tj_yang at hotmail.com
Mon Apr 30 19:39:24 CEST 2007 

>From: "Tod Hansmann" <thansmann at directpointe.com>
>Reply-To: hobbit at hswn.dk
>To: <hobbit at hswn.dk>
>Subject: RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel
>Date: Mon, 30 Apr 2007 09:06:49 -0600
>
>For 1 & 2, I have some info.
>
>1) No, you can't have it use the same port to accept both traffic.  That
>would break the rules of networking, so you have to have unencrypted
>traffic listening on a different port, OR have some really fancy
>iptables rules that I'd rather not think about in detail.

Agree. I mean on one HB server, one port (1984) to accept plain incoming 
message.
Another encrypted port(1999) to accept messages from hb client send out 
encrypted message.

>2) I'm not sure what you're referring to here, but if I have it correct,
>you want to redirect encrypted messages (after they've been unencrypted)
>to another port on the same server?  That's easily doable with iptables
>rules, but that will be a learning curve.  Stunnel may even have
>functionality built in to do this already anyway, so you may want to
>look at stunnel's documentation for that.

Yes, I am expecting stunnel will do the redirect work, not iptable.

>
>3) You probably want to check with the stunnel mailing list and/or
>documentation on this.  I don't know anything about stunnel or its
>native capabilities.  Sorry =c)

I did. lets wait and see the response I got from the stunnel  user list.
It will be easy once I knew it. ;)

tj

>Hope that helps.
>
>Tod Hansmann
>Network Engineer
>
>
>-----Original Message-----
>From: T.J. Yang [mailto:tj_yang at hotmail.com]
>Sent: Sunday, April 29, 2007 6:07 AM
>To: hobbit at hswn.dk
>Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
>
>
>
> >From: Ulric Eriksson <ulric at siag.nu>
> >Reply-To: hobbit at hswn.dk
> >To: hobbit at hswn.dk
> >Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
> >Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST)
> >
> >
> >
> >On Sat, 28 Apr 2007, T.J. Yang wrote:
> >
> >>Hi,
> >>http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=0000000
>0%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c
>7c4ebd25761fc90804cf1ce9ea95666c#
> >>Send
> >>I am starting to test out port 1984 encryption using stunnel approach,
>see
> >>following wiki notes.
> >>
> >>http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administrat
>ion_Guide#Hobbit.28bb.29_port_1984_encryption
> >>
> >>Has anyone done this already ? Hoping someone already did this. so I
>can
> >>shorten my try and error process.
> >
> >FWIW, we have been using Big Brother clients with stunnel to monitor
>remote
> >sites for years. It works perfectly. Since Hobbit also uses a simple,
>tcp
> >based protocol, I see no reason why it shouldn't work as well.
>
>Ulric,
>
>I am new to stunnel and trying to get stunnel to work with hobbit client
>and
>server.
>A few questions here.
>
>1. So basically I can configure a hobbit/bb(using same port) server to
>both
>accept either encrypted
>    bb messages or plain one, correct ?
>
>2.   I can use tcp-wrapper to restrict only the hobbit server itself can
>
>connect to itself to lock down
>       plain bb message connection from public, correct ?
>
>3. I got 4.20 stunnel  compiled and configured, but the examples on
>stunnel.org is for older version which accept "-c" kind of options. I am
>
>having  problem to really redirect the bb message from a bb client using
>
>port 1999 to remote hb server which accepting 1999 (then redirect to
>local
>1984).
>
>I don't know what other stops I need to to fill the following url.
>
>http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administratio
>n_Guide#Configuring_hb_client_to_use_port_1999
>
>
>
> >Ulric
> >
> >To unsubscribe from the hobbit list, send an e-mail to
> >hobbit-unsubscribe at hswn.dk
> >
> >
>
>_________________________________________________________________
>Download Messenger. Join the i'm Initiative. Help make a difference
>today.
>http://im.live.com/messenger/im/home/?source=TAGHM_APR07
>
>
>To unsubscribe from the hobbit list, send an e-mail to
>hobbit-unsubscribe at hswn.dk
>
>
>
>
>To unsubscribe from the hobbit list, send an e-mail to
>hobbit-unsubscribe at hswn.dk
>
>

_________________________________________________________________
Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check savings 
https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&tm=y&search=mortgage_text_links_88_h2bbb&disc=y&vers=925&s=4056&p=5117

More information about the Xymon mailing list