hobbit(bb) port 1984 encryption with stunnel
list T.J. Yang
Hi, http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c7c4ebd25761fc90804cf1ce9ea95666c# Send I am starting to test out port 1984 encryption using stunnel approach, see following wiki notes. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Hobbit.28bb.29_port_1984_encryption Has anyone done this already ? Hoping someone already did this. so I can shorten my try and error process. Regards T.J. Yang Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check savings https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&tm=y&search=mortgage_text_links_88_h2bbb&disc=y&vers=925&s=4056&p=5117
list Ulric Eriksson
▸
On Sat, 28 Apr 2007, T.J. Yang wrote:
Hi, http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c7c4ebd25761fc90804cf1ce9ea95666c# Send I am starting to test out port 1984 encryption using stunnel approach, see following wiki notes. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Hobbit.28bb.29_port_1984_encryption Has anyone done this already ? Hoping someone already did this. so I can shorten my try and error process.
FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well. Ulric
list T.J. Yang
▸
From: Ulric Eriksson <user-de31148ebe0c@xymon.invalid> Reply-To: user-ae9b8668bcde@xymon.invalid To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST) On Sat, 28 Apr 2007, T.J. Yang wrote:Hi, http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c7c4ebd25761fc90804cf1ce9ea95666c# Send I am starting to test out port 1984 encryption using stunnel approach, see following wiki notes. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Hobbit.28bb.29_port_1984_encryption Has anyone done this already ? Hoping someone already did this. so I can shorten my try and error process.FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well.
Ulric,
I am new to stunnel and trying to get stunnel to work with hobbit client and server. A few questions here. 1. So basically I can configure a hobbit/bb(using same port) server to both accept either encrypted bb messages or plain one, correct ? 2. I can use tcp-wrapper to restrict only the hobbit server itself can connect to itself to lock down plain bb message connection from public, correct ? 3. I got 4.20 stunnel compiled and configured, but the examples on stunnel.org is for older version which accept "-c" kind of options. I am having problem to really redirect the bb message from a bb client using port 1999 to remote hb server which accepting 1999 (then redirect to local 1984). I don't know what other stops I need to to fill the following url. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administration_Guide#Configuring_hb_client_to_use_port_1999
Ulric
Download Messenger. Join the i�m Initiative. Help make a difference today. http://im.live.com/messenger/im/home/?source=TAGHM_APR07
list Tod Hansmann
For 1 & 2, I have some info. 1) No, you can't have it use the same port to accept both traffic. That would break the rules of networking, so you have to have unencrypted traffic listening on a different port, OR have some really fancy iptables rules that I'd rather not think about in detail. 2) I'm not sure what you're referring to here, but if I have it correct, you want to redirect encrypted messages (after they've been unencrypted) to another port on the same server? That's easily doable with iptables rules, but that will be a learning curve. Stunnel may even have functionality built in to do this already anyway, so you may want to look at stunnel's documentation for that. 3) You probably want to check with the stunnel mailing list and/or documentation on this. I don't know anything about stunnel or its native capabilities. Sorry =c) Hope that helps. Tod Hansmann Network Engineer
▸
-----Original Message-----
From: T.J. Yang [mailto:user-8e841282cda5@xymon.invalid]
Sent: Sunday, April 29, 2007 6:07 AM
To: user-ae9b8668bcde@xymon.invalid
Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel
From: Ulric Eriksson <user-de31148ebe0c@xymon.invalid> Reply-To: user-ae9b8668bcde@xymon.invalid To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST) On Sat, 28 Apr 2007, T.J. Yang wrote:Hi,
http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=0000000
0%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c 7c4ebd25761fc90804cf1ce9ea95666c#
▸
Send I am starting to test out port 1984 encryption using stunnel approach, see following wiki notes.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administrat ion_Guide#Hobbit.28bb.29_port_1984_encryption
▸
Has anyone done this already ? Hoping someone already did this. so I can shorten my try and error process.FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well.
Ulric,
I am new to stunnel and trying to get stunnel to work with hobbit client
and
server.
A few questions here.
1. So basically I can configure a hobbit/bb(using same port) server to
both
accept either encrypted
bb messages or plain one, correct ?
2. I can use tcp-wrapper to restrict only the hobbit server itself can
connect to itself to lock down
plain bb message connection from public, correct ?
3. I got 4.20 stunnel compiled and configured, but the examples on
stunnel.org is for older version which accept "-c" kind of options. I am
having problem to really redirect the bb message from a bb client using
port 1999 to remote hb server which accepting 1999 (then redirect to
local
1984).
I don't know what other stops I need to to fill the following url.
http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administratio n_Guide#Configuring_hb_client_to_use_port_1999
▸
Ulric
Download Messenger. Join the i'm Initiative. Help make a difference today. http://im.live.com/messenger/im/home/?source=TAGHM_APR07
list T.J. Yang
▸
From: "Tod Hansmann" <user-b6e28cb93fa4@xymon.invalid> Reply-To: user-ae9b8668bcde@xymon.invalid To: <user-ae9b8668bcde@xymon.invalid> Subject: RE: [hobbit] hobbit(bb) port 1984 encryption with stunnel Date: Mon, 30 Apr 2007 09:06:49 -0600 For 1 & 2, I have some info. 1) No, you can't have it use the same port to accept both traffic. That would break the rules of networking, so you have to have unencrypted traffic listening on a different port, OR have some really fancy iptables rules that I'd rather not think about in detail.
Agree. I mean on one HB server, one port (1984) to accept plain incoming message. Another encrypted port(1999) to accept messages from hb client send out encrypted message.
▸
2) I'm not sure what you're referring to here, but if I have it correct, you want to redirect encrypted messages (after they've been unencrypted) to another port on the same server? That's easily doable with iptables rules, but that will be a learning curve. Stunnel may even have functionality built in to do this already anyway, so you may want to look at stunnel's documentation for that.
Yes, I am expecting stunnel will do the redirect work, not iptable.
▸
3) You probably want to check with the stunnel mailing list and/or documentation on this. I don't know anything about stunnel or its native capabilities. Sorry =c)
I did. lets wait and see the response I got from the stunnel user list. It will be easy once I knew it. ;) tj
▸
Hope that helps. Tod Hansmann Network Engineer -----Original Message----- From: T.J. Yang [mailto:user-8e841282cda5@xymon.invalid] Sent: Sunday, April 29, 2007 6:07 AM To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnelFrom: Ulric Eriksson <user-de31148ebe0c@xymon.invalid> Reply-To: user-ae9b8668bcde@xymon.invalid To: user-ae9b8668bcde@xymon.invalid Subject: Re: [hobbit] hobbit(bb) port 1984 encryption with stunnel Date: Sun, 29 Apr 2007 09:07:19 +0200 (CEST) On Sat, 28 Apr 2007, T.J. Yang wrote:Hi, http://by138fd.bay138.hotmail.msn.com/cgi-bin/compose?&curmbox=00000000%2d0000%2d0000%2d0000%2d000000000001&a=c3dd844ec8984ee0fc88cdaec8525d7c 7c4ebd25761fc90804cf1ce9ea95666c#Send I am starting to test out port 1984 encryption using stunnel approach, see following wiki notes. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administrat ion_Guide#Hobbit.28bb.29_port_1984_encryption Has anyone done this already ? Hoping someone already did this. so I can shorten my try and error process.FWIW, we have been using Big Brother clients with stunnel to monitor remote sites for years. It works perfectly. Since Hobbit also uses a simple, tcp based protocol, I see no reason why it shouldn't work as well.Ulric, I am new to stunnel and trying to get stunnel to work with hobbit client and server. A few questions here. 1. So basically I can configure a hobbit/bb(using same port) server to both accept either encrypted bb messages or plain one, correct ? 2. I can use tcp-wrapper to restrict only the hobbit server itself can connect to itself to lock down plain bb message connection from public, correct ? 3. I got 4.20 stunnel compiled and configured, but the examples on stunnel.org is for older version which accept "-c" kind of options. I am having problem to really redirect the bb message from a bb client using port 1999 to remote hb server which accepting 1999 (then redirect to local 1984). I don't know what other stops I need to to fill the following url. http://en.wikibooks.org/wiki/System_Monitoring_with_Hobbit/Administratio n_Guide#Configuring_hb_client_to_use_port_1999UlricDownload Messenger. Join the i'm Initiative. Help make a difference today. http://im.live.com/messenger/im/home/?source=TAGHM_APR07
Mortgage refinance is Hot. *Terms. Get a 5.375%* fix rate. Check savings https://www2.nextag.com/goto.jsp?product=100000035&url=%2fst.jsp&tm=y&search=mortgage_text_links_88_h2bbb&disc=y&vers=925&s=4056&p=5117