From: Nardmann, Heiko (heiko.nardmann@secunet.com)
Date: Tue Jul 05 2005 - 06:11:34 EDT
Hi together,
I have an application on one machine which acts as an SNMP client to access
several (about 1000) machines.
The customer wants to have those SNMP connections to be secured using SSL.
But the application is not SSL-aware.
So my idea was to use stunnel and have a service port for every SNMP server
machine; then let the application use localhost as the SNMP target machine
together with the configured stunnel incoming port.
The next problem was that the SNMP port can not be configured per SNMP target
machine (for redirecting it to the stunnel port) but only globally in this
stupid application.
Then I have thought of transparent proxying like it is provided by
ipchains/iptables/netfilter for Linux, i.e., rewriting the routing that way
that access to the target SNMP server machine is redirected to the
corresponding stunnel SSL port.
But I have no idea whether such a rewriting is possible for Sun Solaris 8? Any
idea what to look for?
-- Heiko Nardmann (Dipl.-Ing. Technische Informatik) secunet Security Networks AG - Sicherheit in Netzwerken (www.secunet.de), Weidenauer Str. 223-225, D-57076 Siegen Tel. : +49 271 48950-13, Fax : +49 271 48950-50 [demime 1.01b removed an attachment of type application/pgp-signature] _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:31:03 EDT