Safest suggested client/server stunnel configurations to prevent MITM attacks
I'm currently tunneling SSH over SSL using stunnel. I thought that stunneled ssh data was safe. However, recently I've read that if going through a sophisticated http/https proxy, it's possible to be hacked by a "legitimate" mitm attack to fool an SSL client. Is it still possible to configure stunnel so that ssl can't be compromised between both ends? I'm going to take a wild guess here; which I'm sure I'm probably wrong. But, could I just install stunnel; and, let it create automatically a self-signed (stunnel.pem) certificate file... then just copy that file to the stunnel install on the other end? That way both sides are already aware of each other's public keys; and, wouldn't be vulnerable during the initial unencrypted handshake? I'm sure I'm probably way off; and, there's more I need to do in stunnel's configuration to further ensure the SSL won't be compromised.. such as the stunnel "verify" setting. I'm not sure which setting to have it; and, what it actually does. I'm hoping someone could shed some light on this with simple suggested client--> server configs that would keep ssl uncompromised as much as possible. Thanks in advance!
How do you plan on copying it to the other end? On Friday, October 19, 2012, Michael K. Avanessian wrote:
I’m currently tunneling SSH over SSL using stunnel.****
** **
I thought that stunneled ssh data was safe. However, recently I’ve read that if going through a sophisticated http/https proxy, it’s possible to be hacked by a “legitimate” mitm attack to fool an SSL client.****
** **
Is it still possible to configure stunnel so that ssl can’t be compromised between both ends?****
** **
I’m going to take a wild guess here; which I’m sure I’m probably wrong. But, could I just install stunnel; and, let it create automatically a self-signed (stunnel.pem) certificate file… then just copy that file to the stunnel install on the other end? That way both sides are already aware of each other’s public keys; and, wouldn’t be vulnerable during the initial unencrypted handshake?****
** **
I’m sure I’m probably way off; and, there’s more I need to do in stunnel’s configuration to further ensure the SSL won’t be compromised.. such as the stunnel “verify” setting. I’m not sure which setting to have it; and, what it actually does.****
** **
I’m hoping someone could shed some light on this with simple suggested clientà server configs that would keep ssl uncompromised as much as possible.****
** **
Thanks in advance!****
________________________________ From: Michael K. Avanessian <michael@mka.net> To: "stunnel-users@stunnel.org" <stunnel-users@stunnel.org> Sent: Friday, October 19, 2012 10:41 PM Subject: [stunnel-users] Safest suggested client/server stunnel configurations to prevent MITM attacks
I’m currently tunneling SSH over SSL using stunnel. I thought that stunneled ssh data was safe. However, recently I’ve read that if going through a sophisticated http/https proxy, it’s possible to be hacked by a “legitimate” mitm attack to fool an SSL client.
Tunneled and not-tunneled SSH data _is_ safe. The SSH protocol is pretty secure by itself. My understanding is that to pull off the type of SSL/TLS data inspection that you mention http://www.sourcefire.com/security-technologies/network-security/ssl-encrypt... there has to be some work done on the client side of the connection. (Install a custom CA certificate in the trusted certificate store of the client machine) So even if you were on such a network, as long as your "attacker" does not have control of your machine. the SSL/TLS protocol will protect you because of the way keys (certificates) are verified. (Notice the key word here is verified)
Is it still possible to configure stunnel so that ssl can’t be compromised between both ends? I’m going to take a wild guess here; which I’m sure I’m probably wrong. But, could I just install stunnel; and, let it create automatically a self-signed (stunnel.pem) certificate file… then just copy that file to the stunnel install on the other end? That way both sides are already aware of each other’s public keys; and, wouldn’t be vulnerable during the initial unencrypted handshake? I’m sure I’m probably way off; and, there’s more I need to do in stunnel’s configuration to further ensure the SSL won’t be compromised.. such as the stunnel “verify” setting. I’m not sure which setting to have it; and, what it actually does. I’m hoping someone could shed some light on this with simple suggested clientà server configs that would keep ssl uncompromised as much as possible. Thanks in advance!
The configuration you are looking for stunnel involves the verify level 3 setting on the config (Verify peer with locally installed certificate) Plus the key management involved to set that up. Take a look a this document. It is a little out of date. BUT the part about setting up the certificates on client and server still applies. and is a good way to start http://www.symantec.com/connect/articles/remote-desktop-management-solution-... Hope this helps Leandro Avila ----------------
participants (3)
-
Brian Wilkins -
Leandro Avila -
Michael K. Avanessian