Implementing an SSL-Based Network?

A Nominal Coward asks: "I've been doing some research into making my communications more secure, everything from email to news, from IRC to www. Most of the information I've found repeats one suggestion, 'tunnel your connections over SSL.' Yet while everyone claims this is the best thing to do, no one seems to explain how. I haven't been able to find a faq, howto, or demonstration of how to set this up properly; just lots of people saying 'SSL is good.' What am I missing? I've downloaded and installed stunnel, a free (speech & beer) SSL tunneling proxy, but - don't laugh - now what? All I've managed to do is make an SSL connection to an IRC server a friend set up specifically for that purpose. Where do I go from here in order to secure my other connections, like mail, news, and web? Do I have to subscribe with providers who explicitly provide SSL access, if so, which are recommended? I would appreciate advice from others who have managed to get this working."

Yes, you need something at both ends

[Papineau]

Yes, as with every other protocol/combination of protocols (HTTP over TCP overIP), both ends of your many communications will need to speak the same way.

For mail, some providers offer pops (that is, secure POP3), but you'll have to ask around to know which ones do. Another way to go is Web mail: those packages usually allow https connections. But don't forget that with both these tools, your mail is only secure between you and your ISP: the SMTP protocol your provider's server use to deliver it to other servers is not encrypted. If you really want one end to the other secure mail (as in: nobody will be able to read it unless they are the intended receiver or they're the NSA or CIA), then use PGP, GPG or any other good mail encryption package. Then it'll reach your recipient in a unreadable format. But all your recipients must have a public key, else you won't be able to encrypt it in the first place (so for helpdesks, mailing-lists, etc. it won't work).

For news, www, etc., do you intend to encrypt what you receive (content)? What you receive (URL)? What you send (even if it ends up on a public nntp server)? For some of those, it won't work because you'd want every connection to be encrypted, period. Normal web servers essentially serving "free" info don't need that, and there's some overhead if you encrypt everything. So it won't be put in practice.

Usually people use stunnel for, eg, remote X sessions, where you don't want other people to spy what you're doing. A couple apps also use ssh to do the same (cvs). But in each case, both ends of the communication must be properly set up to communicate through an encrypted layer.

IPsec (as mentionned in another post) is also good, but as soon as your packets leave the other IPsec end (as in, leave the corporate firewall), your communication will again be very plain to read.

confusing your apples and oranges

[coyote-san]

Your question, and the answers, have confused apples and oranges. They look similar (round, fruit), but there are some key differences.

Specifically, you could use a tunnel (stunnel, ssh), or you can use applications that directly support SSL. Setting up the applications takes a bit of research since it hasn't been standardized yet, but it's not too hard once you figure out where the documentation has been hidden. (Sometimes in the source code. *grrr*.) Setting up a tunnel is probably a bit easier, but it requires that the server explicitly provide a tunnel.

The benefits of a tunnel is that it provides a "one size fits all" solution - if you can do it for one application, you can do it for others. More importantly, you can use it with applications that don't yet support SSL directly.

The benefits of direct SSL support is that the clients can almost always verify the identity of the server (it is possible to set up a server so it doesn't require an X.509 certificate, but it's much more common for the server to require one). Optionally, the server can require that clients provide a certificate to identify themselves.

If you control the server, the choice may come down to authentication and identity. If you don't care who connects, or who they connect to, e.g., because you'll be using (username,password) to log in, you should probably go with a tunnel. If you need to establish identity, or want to use a "login-less" mechanism, you should probably go with direct SSL and possibly require client certs.

Yeah, here's an idea.

[SuiteSisterMary]

Don't do it. Tunnelling is bad. Period. You want a secure network? Use IPSEC or something similar, and encrypt your traffic.

Re:Yeah, here's an idea.

[SuiteSisterMary]

Just out of curiousity, could you expand? Why do you consider tunnelling bad? Is it the bandwidth loss due to protocol overhead or something else? IPSEC is great, but consider the fact that unless the other end is taking similar measures, you are (AFAIK) not gaining anything. (Of ironic interest is that not having both ends in sync is a weakness of tunnelling as well. It takes two to tango...)

Doing anything 'out of spec' is going to have the same problems. And most of the basic Internet protocols were built to be open text. If you're going from site to site, use a VPN. If you have no control over the other site, then you're going to wind up sending plain text, most likely. And tunnelling is bad from an admin perspective, as it adds unneeded overhead and what not, as well as making it more difficult to identify what's going on.

Re:Yeah, here's an idea.

[noahm]

Just out of curiousity, could you expand? Why do you consider tunnelling bad? Is it the bandwidth loss due to protocol overhead or something else?

A talk was given at the USENIX conference last week in California in which the throughput performance of SSL/TLS was compared to that of IPsec. IPsec won easily in all cases.

Personally, I prefer IPsec since it can be used to encrypt and authenticate all IP layer traffic. If you're tunneling services over SSL, you're still leaking information to an eavesdropper (i.e. "I know you transferred 200 kB of mail via your tunneled pop3 connection"). With IPsec, it becomes difficult to differentiate between higher level protocols. UDP over IPsec doesn't look any different than TCP.

IPsec is also nice because it's starting to gain widespread industry acceptance. Setting it up on the free Unixes is very easy. Windows 2000 and XP come with it as a standard feature. I don't know if MacOS X 10.1 comes with it, but the forthcoming 10.2 release (Jaguar) includes it.

noah

Small doc on using stunnel to proxy your own http

[ptudor]

This might help a bit if you're already looking toward stunnel but are unsure of how everything links together.

http://www.ptudor.net/~ptudor/stun-proxy.html

Building Linux VPNs book may help

[Helevius]

You will find a useful comparison of Linux-based options in Building Linux VPNs by Oleg Kolesnikov and Brian Hatch.

They include SSH, SSL, IPSec, and other approaches, and don't waste time explaining TCP/IP.

Helevius

PPP over SSL

[TheLink]

You can do PPP over SSL too.

The popular opinion would be that you might be better off using IPSEC.

However to my unenlightened eyes IPSEC seems more complicated than SSL and so more likely to have security problems. E.g. like SSH- complex, and thus many security problems.

That said, if you want encryption from every point to every point then go for IPSEC.

IPSEC performance should be better than PPP over SSL.

Unfortunately, whilst SSL just requires a TCP connection, IPSEC needs UDP.

Cheerio,
Link.

Yes, use a VPN. Maybe not IPSEC

[kwerle]

I always found IPSEC to be FAR more trouble than it was worth. I use VTUN, with seems to be much easier.

Also, I hear OpenVPN is good.