[kwlug-disc] KWLUG site security (was: Firesheep: Open WiFi cookie stealing for the masses ...)

Lori Paniak ldpaniak at fourpisolutions.com
Thu Oct 28 08:10:01 EDT 2010


On Wed, 2010-10-27 at 21:51 -0400, Paul Nijjar wrote:
> On Tue, Oct 26, 2010 at 08:11:32PM -0400, Lori Paniak wrote:
> > 
> > Enough editorializing - time for a practical question: how secure is the
> > kwlug site?  How can it be improved?  At what cost?  (Sounds like a new
> > thread)
> 
> kwlug.org is not secure. It is on a shared host that (from what I
> recall) runs a pretty old version of Apache. The Drupal installation
> is hideously out of date as well. 
> 
> I don't know whether CCJ/Clearline (who donates the space to us) is
> willing to investigate SNI or not. 
> 
> 
> 
> - Paul
> 
> 

This may not be necessary.  I came across stunnel which looks like an
SSL proxy system that runs on the server, listening for secure traffic
and redirecting it locally (or remotely) to insecure web services.

The link is:  http://www.stunnel.org/

Does anyone out there have experience/knowledge of this package?  

It runs on Linux, BSD and practically everything else and is apt-get
installable FTW!

Is it feasible to get a presentation/demo of procuring and installing
public SSL certificates for use on a web server?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 490 bytes
Desc: This is a digitally signed message part
URL: <http://astoria.ccjclearline.com/pipermail/kwlug-disc_kwlug.org/attachments/20101028/c355c3d6/attachment.bin>


More information about the kwlug-disc_kwlug.org mailing list