Hi you guys,
I proposed stunnel as a potential solution to our product about 4-5 months ago and I am in the process of testing a prototype I have built around that proposition. I am using stunnel v. 4.41. I am relatively new to stunnel myself.
The env. is as follows: We are trying to secure an RDP connection from a Java applet running in a web browser into a Windows 2008 Server machine behind our firewall. Presently, the Java applet opens up an RDP connection into a machine (I will call it the SSL machine) where stunnel is presently installed. Stunnel then properly forwards the incoming traffic (from portA) to its final destination (i.e., the Windows Server 2008 machine) on port B. Further, I have configured stunnel to use an SSL certificate. (Although I have not been able to test that yet to make sure it works.)
Anyhow, it is all working as expected and I am pretty happy about the proof of concept. However, while testing it a bit, I noticed that it was relatively easy to bring stunnel down. The way I went about it was to simply run a "telnet IP_of_MySSLMachine portA" from any DOS command window from any machine with internet access. From the stunnel logs, I can tell that I get a response from stunnel, and on the DOS window side, I have a cursor waiting for input... Writing any gibberish into that DOS window and waiting a little bit makes stunnel stop and die on the SSL machine. I found nothing in the stunnel log, but grepping in /var/log/, I found the segfault:
sslmahine:/var/log/# grep stunnel messages
kernel: [1996904.624042] stunnel [19696]: segfault at 8 ip b768d361 sp b7601210 error 4 in libc-2.7.so[b7621000+138000]
After another telnet execution, a few days later:
sslmahine:/var/log/# grep stunnel messages
kernel: [4930384.164316] stunnel [14540]: segfault at 8 ip b7629b61 error 6 in libc-2.7.so[b75bd000+138000]
Basically, if I don't issue that telnet command, stunnel works properly. As soon as I issue that command and start typing a few things in that DOS console, stunnel dies. I have to manually restart it.
Question: I was wondering if you guys could shed some light on this behavior. Is it a known behavior/bug? Is there a way to solve it by maybe upgrading to a later version of stunnel? Also, I was thinking of blocking telnet altogether at the firewall level, but then I am not sure what other protocols people could use to hack into the system... so should I block all of them? And, finally, is there a more secure way to set up stunnel?
Thank you in advance
Mehdi/