[stunnel-users] Nessus crashes stunnel

• Previous message (by thread): [stunnel-users] config socket SSL TCP
• Next message (by thread): [stunnel-users] Nessus crashes stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I am running some tests against my stunnel configuration with Nessus.  I
am able to get stunnel to exit silently when I run Nessus with the
Nessus TCP Scan and Weak Supported SSL Cipher Suites test.  I have
played with a few different options but the process consistently ends
when these tests are run together.  Here is the config:
 
Linux testssl.capwin.net 2.6.18-53.1.4.el5 #1 SMP Fri Nov 30 00:45:16
EST 2007 i686 i686 i386 GNU/Linux
gcc version 4.1.2 20070626 (Red Hat 4.1.2-14)
stunnel 4.20 on i686-pc-linux-gnu with OpenSSL 0.9.8b 04 May 2006
Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv4 Auth:LIBWRAP
OpenSSL 0.9.8b 04 May 2006
 
 
Tail of log file during nessus tests
2008.01.15 21:24:30 LOG5[10646:3086605200]: XMPP accepted connection
from 10.102.11.250:41781
2008.01.15 21:24:30 LOG7[10646:3086605200]: SSL state (accept):
before/accept initialization
2008.01.15 21:24:30 LOG7[10646:3086605200]: SSL alert (write): fatal:
handshake failure
2008.01.15 21:24:30 LOG3[10646:3086605200]: SSL_accept: 1408A10B:
error:1408A10B:SSL routines:SSL3_GET_CLIENT_HELLO:wrong version number
2008.01.15 21:24:30 LOG5[10646:3086605200]: Connection reset: 0 bytes
sent to SSL, 0 bytes sent to socket
2008.01.15 21:24:30 LOG7[10646:3086605200]: XMPP finished (0 left)
2008.01.15 21:24:30 LOG7[10646:3086608080]: XMPP accepted FD=7 from
10.102.11.250:41782
2008.01.15 21:24:30 LOG7[10646:3086605200]: XMPP started
2008.01.15 21:24:30 LOG7[10646:3086605200]: FD 7 in non-blocking mode
2008.01.15 21:24:30 LOG7[10646:3086605200]: TCP_NODELAY option set on
local socket
2008.01.15 21:24:30 LOG7[10646:3086605200]: FD 8 in non-blocking mode
2008.01.15 21:24:30 LOG7[10646:3086605200]: FD 9 in non-blocking mode
2008.01.15 21:24:30 LOG7[10646:3086608080]: Cleaning up the signal pipe
2008.01.15 21:24:30 LOG6[10646:3086608080]: Child process 10676 finished
with code 0
2008.01.15 21:24:30 LOG7[10646:3086605200]: Connection from
10.102.11.250:41782 permitted by libwrap
2008.01.15 21:24:30 LOG5[10646:3086605200]: XMPP accepted connection
from 10.102.11.250:41782
2008.01.15 21:24:30 LOG7[10646:3086605200]: SSL state (accept):
before/accept initialization
 
 
Joe A. Kemp
CapWIN Senior Systems Architect
6305 Ivy Lane Suite 300
Greenbelt, MD 20770
(P) 301-614-3727
(F) 301-614-0581
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20080116/0a6494be/attachment.html>

• Previous message (by thread): [stunnel-users] config socket SSL TCP
• Next message (by thread): [stunnel-users] Nessus crashes stunnel
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]