[stunnel-users] How is it working?

Algol Tradent tradent at yahoo.com
Tue Nov 6 03:28:56 CET 2007


Hello,

If I remember correctly the VNC server will listen for
connections on _all_ available interfaces on the
server. You might want to make sure that port 5900 is
not accessible from the internet, and maybe use the
"Loopback Only" connections options on the VNC server
to ensure that no connections are going directly
without the tunnel.

You might want to take a look at this document for the
nmap documentation
http://insecure.org/nmap/vscan/vscan-post-processors.html
It describes how nmap tries to identify services that
use SSL as well.

Another user mentioned before the use of certificates
for client-server authentication... You should
consider this option. Basically, the server and client
will check if the connection should be allowed based
on the certificate presented by each peer. In this
way, the only way people can connect is to have an
authorized certificate.

:)


--- fuzzy_4711 <fuzzy_4711 at gmx.de> wrote:

> Hello list.
> 
> After a few tries, my stunnel configuration is
> working well. I am using
> it to tunnel my vnc connections to my winXP box.
> 
> Now I have a question about how the software is
> working.
> 
> In the past, when I was using VNC at port 5900 and I
> did a telnet to
> that box with port 5900, VNC was answering with
> something like 003005
> which was the VNC protocol version the server was
> able to communicate.
> 
> Now because of the tunneling effect, my vnc server
> still listens at
> 127.0.0.1:5900 but is expecting ssled connections at
> xxx.xxx.xxx.xxx:9999.
> 
> When I do a telnet at xxx.xxx.xxx.xxx at port 9999
> my box is answering
> something like: Connected to xxx.xxx.xxx.xxx Escape
> character is ...
> 
> Now if I enter something like "test" the telnet window
> shows me that the
> connection is closed by foreign host (means: my xp
> box).
> 
> Let's assume, someone is trying to hack my computer
> and doing a port
> scan. She/he will find out for sure, that my port
> 9999 is opened.
> Usually the server listening behind the port is
> sending something the
> attacker could use to point to the software running
> behind the port. In
> this case, as far as I can see nothing is sent to
> give a hint that
> stunnel is waiting there to route my connection
> attempt to 127.0.0.1:5900.
> 
> Is it right, that this is the magic - for sure
> besides encryption and
> all the algorithms necessary to do the port
> forwarding - stunnel
> provides? I mean as long as an attacker doesn't know
> what is hiding
> behind the port he/she also doesn't know how to
> attack or how to get
> through. Is that conclusion right?
> 
> Please tell me, if my conclusions are wrong or if I
> got something wrong.
> 
> Stefan
> 
> 

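As an added example (not part of the original thread or of stunnel's own documentation), here is a server-side and a client-side stunnel configuration that implements the two points made in the reply: the VNC server stays on 127.0.0.1:5900 and is reached only through the tunnel, and stunnel requires a certificate signed by a private CA from every peer before any bytes reach VNC. Port 9999 and the xxx.xxx.xxx.xxx address come from the thread; the file names server.pem, client.pem and ca.pem are assumed.

```ini
; ===== server side (the WinXP box running the VNC server): stunnel.conf =====
; Assumed file names; server.pem holds this box's certificate and private key,
; ca.pem holds the private CA that signed both peers' certificates.
cert = server.pem
CAfile = ca.pem
; verify = 2 requires the client to present a certificate and checks it against
; CAfile. A scanner or a client without a CA-signed certificate is dropped during
; the SSL handshake, before stunnel ever connects to the VNC server.
verify = 2

[vnc]
; external SSL port (xxx.xxx.xxx.xxx:9999 in the thread)
accept = 9999
; VNC server listening on loopback only ("Loopback Only" option in the VNC server)
connect = 127.0.0.1:5900

; ===== client side: stunnel.conf =====
client = yes
; client.pem holds this client's certificate and private key, presented to the server
cert = client.pem
CAfile = ca.pem
; verify = 2 here also checks the server's certificate, so the VNC viewer never
; hands its password to an impostor answering on port 9999
verify = 2

[vnc]
; point the VNC viewer at localhost:5901 (display :1); stunnel forwards it
accept = 127.0.0.1:5901
connect = xxx.xxx.xxx.xxx:9999
```

The two sections belong in separate stunnel.conf files on the two machines; the server-side half only closes the direct path to VNC if port 5900 is also blocked or bound to loopback, as the reply recommends.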

