Page 1 of 1

ssl and newspro

Posted: Thu May 12, 2005 6:32 pm
by esterade
is it possible to use newspro with ssl encryption?
I wanted to use stunnel with, but that seems hard to configure.
Thanks for your help

Posted: Thu May 12, 2005 9:19 pm
by alex
ssl tunnel is very easy to configure, it just listens on some port on local host, when newspro makes a connection it goes through tunnel and the tunnel is immediately ready for another connection, what you need to launch ssl tunnel on different ports on local host, then put the same ports in newspro settings and rename servers (context menu) e.g. to tunnel.<servername> (in fact arbitrary name, just different from the server name so you won't have to put ip address in the tunnel), then in windows "hosts" file assign every server to 127.0.0.1

e.g.

newspro settings, server properties (some imaginary secure servers snews.microsoft.com and snews.newsfeeds.com):

tunnel.snews.microsoft.com port 1000
tunnel.snews.newsfeeds.com port 1001

windows hosts file:

127.0.0.1 localhost
127.0.0.1 tunnel.snews.microsoft.com
127.0.0.1 tunnel.snews.newsfeeds.com

then start stunnel (i don't remember the exact command string)

stunnel listen on 127.0.0.1 port 1000 to snews.microsoft.com port ?
stunnel listen on 127.0.0.1 port 1000 to snews.newfeeds.com port ?

where ? is the ssl port the news server is listening

more explanation please?

Posted: Fri May 13, 2005 7:43 am
by esterade
Thank you very much for your explanation, but how I am not really hight in technical view, I don't understand very well....
here is how I writed the stunnel.conf: is is right?
------------------------------------------
# Run in client mode? (remote service is using SSL)
client = yes
debug = debug

#
# Definition of the services that we're running on our localhost
#

# Service NNTP
[stunnel.nntp]
accept=127.0.0.1:119
connect=news.usenetname.com:563
----------------------------------------------------------------
Also I don't know how configure in newspro for proxy for stunnel, how it is much possibilities in the properties proxy table.
I try some possibilities but always have errors message -

Hoping for more explantion from you,
Thank you very much by advance, and thank you for your nice software, I use since his beginning .

Posted: Fri May 13, 2005 7:56 am
by alex
now it is even better, when i was dealing with this stuff it was just command prompt, now you can setup several connections without hassle.

it happened that i worked with ssl a lot but the priorities don't let me to add it here, also the ssl protocol attributes like acceptable ciphers/key length on other side etc. may differ, also if to be strict to provide real security one needs certificates (otherwise the middle man attack can be used to compromise everything) so the part of the program may get outdated and/or too complicated, if there is normal tunnel software better to use it.

the windows hosts file can be found (in xp, look in internet for other systems the file is named 'hosts') at [system partition]\windows\drivers\etc

in newspro you need to rename your server (server pane, select server, context menu, rename).

news.usenetname.com to e.g. tunneled.news.usenetname.com

in the windows hosts file add:

127.0.0.1 tunneled.news.usenetname.com

the problem if you have more than one server you cannot use the same port, so you just change port in newspro server settings and make ssl tunnel listen on the other port, in short you need as many ports as many servers are working through the tunnel.

Thank you very much: That works

Posted: Fri May 13, 2005 9:27 am
by esterade
Thank you very much for your help.
With your last explanations, I understood well,
and can use the stunnel with newspro.

Anyway, if you know some other tunnel system ssh etc with not too much expensives servers or systems, I should be happy to know about!

Thank you again