Implementing an SSL-Based Network?

Posted by Cliff on Saturday June 22, 2002 @01:25AM from the stunneling-to-freedom dept.

A Nominal Coward asks: "I've been doing some research into making my communications more secure, everything from email to news, from IRC to www. Most of the information I've found repeats one suggestion, 'tunnel your connections over SSL.' Yet while everyone claims this is the best thing to do, no one seems to explain how. I haven't been able to find a faq, howto, or demonstration of how to set this up properly; just lots of people saying 'SSL is good.' What am I missing? I've downloaded and installed stunnel, a free (speech & beer) SSL tunneling proxy, but - don't laugh - now what? All I've managed to do is make an SSL connection to an IRC server a friend set up specifically for that purpose. Where do I go from here in order to secure my other connections, like mail, news, and web? Do I have to subscribe with providers who explicitly provide SSL access, if so, which are recommended? I would appreciate advice from others who have managed to get this working."

2 of 31 comments (clear)

Min score:

Reason:

Sort:

Why SSL? by Anonymous Coward · 2002-06-22 01:57 · Score: 1, Informative

Do the right thing and use IPSec. It encrypts all traffic, not just selected ports, and it will be included in IPv6. SSL might be your only option for communication with external servers and especially POP3 over SSL is very common, but for using services on a friend's system (who I suppose is open to suggestions), IPSec is a better choice.
Building Linux VPNs book may help by Helevius · 2002-06-22 10:26 · Score: 3, Informative

You will find a useful comparison of Linux-based options in Building Linux VPNs by Oleg Kolesnikov and Brian Hatch.
They include SSH, SSL, IPSec, and other approaches, and don't waste time explaining TCP/IP.
Helevius