[stunnel-users] Strange Stunnel crash (no errors, issues, anything)
Michal.Trojnara at mirt.net
Fri May 17 07:49:15 CEST 2013
Alfred Kernaghan wrote:
> apart from the fact with the default combination the ciphers and
> security are incorrect (BEAST/CRIME vulnerable)
Unfortunately I don't think anymore that RC4 is a better choice:
Also see some initial results of my own research of this topic:
The ultimate solution would be to use TLS/1.2, which is already
supported in stunnel. All we can do is to wait for client support.
I think AlFBPPS attack is in most cases much easier to exploit than
BEAST and Lucky Thirteen attacks for most practical scenarios.
As for CRIME: stunnel has compression turned off by default since
> Short of wiping the machine completely and re-installing, can anyone
> think of anything else I can try?
Please collect a stack backtrace:
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 196 bytes
Desc: OpenPGP digital signature
More information about the stunnel-users