Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Stunnel Problems

From: "Stuart" <stuart.hackinfo () btinternet com>
Date: Fri, 7 Dec 2001 00:13:35 -0000
Hi,

I am having a problem with Stunnel (3.21c) whilst attempting to do a reverse
ssl Proxy. (both on linux and windows)

I am attempting to access a Web Server sat behind Netscape (NetCache?) 3.5
proxy. Here is what I am doing.

stunnel -c -d 80 -r <remotehost>:443
and point a browser on local host to 80.

and I get this error....
"Insufficient encryption
This document requires a larger secret key size for encryption than your
browser is capable of supporting."

but...
when I complile OPENSSL (latest version, using the dlls for stunnel too) and
run openssl.exe and the following commands...

s_client -connect <remotehost>:443

and do a banner grab

GET / HTTP/1.1
it works.

I was wondering if anybody could help me to get it working correctly though
a browser window?

Has anyone else had any problems with Stunnel before? It seems to be
reasonably site specific - it works fine with several sites that all report
SSLv3, RC4 128bit, 1024bit key when I use IE5 to connect to them - and this
is the same as the site that is causing problems. Thats why I'm wondering it
the Netscape Proxy in front of the server has anything to do with it?

thanks
Stuart
IT Security Consultant, UK



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Previous By Date Next
Previous By Thread Next

Current thread: