[stunnel-users] Creating a man in middle attack for legit purposes.

Todd Troutman todd at techlow.com
Wed Mar 16 10:10:22 CET 2005


So I don't normally start off on a list by immediately asking a question 
but I've got a weird one here that's a critical thing
tonight, plus, this might just be entertaining!

Problem : MacOS Panther has horrible performance problems with large 
https web apps.

So I setup Stunnel to take port 80 and run it through the web app on 
443. Provides http from an https server.
On a MacOS client machine I set /etc/hosts to say that 
system.netsuite.com, the web app, is 192.168.0.4, a handy
FreeBSD 5.3 box running stunnel 4.05

 It  works. Sort of.

Problems - the web app keeps rewriting the url from http to https, 
anytime I click on anything, hmmm.. so I can't make stunnel answer
on 443 because then I'm back to square one. Also, I can't login, the web 
app is giving me a login page as http, but I get a session timeout,please
login again, just repeats, unsure if something in the stunnel config 
should be done to fix that.   Other than that, this is working.

Config is currently this.

client=yes
accept=80
connect=system.netsuite.com:443

Anyway, so is this maybe one of the stranger uses of stunnel, possibly a 
wrong headed and broken way of using it, but oh well.
There goes my plea for some ideas on this one,

Thanks,

Todd







More information about the stunnel-users mailing list