rejetto forum

HFS including SSl tools

SilentPliz · 262 · 119826

0 Members and 1 Guest are viewing this topic.

Offline Fysack

  • Tireless poster
  • ****
    • Posts: 644
  • present picture
    • View Profile
    • Admin
SilentPliz.. i thought you was dead..? so you have tventyOfour reply. That is something. Its just what i predicted brother. hehe. YOU are stuck with me for life  8) 8) 8) 8) 8) 8) :-* :-* :-* :-* :-*

..superlol

i remember in the ooooooooold days (super super oooooold days) (i dont even think i was born) i was a serm of cour,, no,, wait amin.., ahh..)) fuck it..

I got something new to say.. shit i forgot.. im gonna piss.. (00:18)

*back* 24

whre was i

ok, take it later bro
GOD CAN READ YOUR MIND


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile
11-05-2015     HFS 2.3e SSL 293f is online.

News:
-  Stable release
Stunnel 5.17 Compiled/running with OpenSSL 1.0.2a-fips

For users of a previous BUILD, update Stunnel with the "S" button

HFS 2.3e SSL #293f  :
http://silentpliz.perso.sfr.fr/hfs/hfs.293f.exe

Sources :
http://silentpliz.perso.sfr.fr/hfs/Sources_hfs/HFS_2.3e_SSL_293f-src.zip


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 900
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
11-05-2015     HFS 2.3e SSL 293f is online.

News:
-  Stable release
Stunnel 5.17 Compiled/running with OpenSSL 1.0.2a-fips

For users of a previous BUILD, update Stunnel with the "S" button

HFS 2.3e SSL #293f  :
http://silentpliz.perso.sfr.fr/hfs/hfs.293f.exe

Sources :
http://silentpliz.perso.sfr.fr/hfs/Sources_hfs/HFS_2.3e_SSL_293f-src.zip


Its a bit late to recommend this, but i can't help but post that when creating this post, it should have been only you post for the program silent Plz, with a link under to a "report problems forum post"... that way it would get so big going on "12 pages!)

Thank you for the hard work on this!
Files i try to keep and share can be found on my google drive:

https://drive.google.com/drive/folders/1FOWi3Gqaldld6JLXvZ-biDv4RSguf0IC


Offline 1337GamingNinja

  • Occasional poster
  • *
    • Posts: 2
    • View Profile
I'm surprised that in my many years of using HFS I hadn't seen this thread. I personally already use STunnel with a CA provided SSL certificate to secure my server. I don't know if you have cipher settings set in STunnel but if you want to increase security (by disallowing less secure methods) I would suggest adding the following line to your stunnel.conf:

Code: [Select]
; Set Specific Ciphers
ciphers = ECDH+AESGCM:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:AES128-GCM-SHA256:!NULL:!eNULL:!aNULL:!DSS:!RC4:!DES:!3DES:-MEDIUM:-LOW

That will also make Google Chrome stop telling you that the connection is encrypted using obsolete cryptography.


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile

Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 900
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
wel, its that time again... a new security path to open ssl:

--------------------
Original release date: June 12, 2015

OpenSSL has released updates addressing multiple vulnerabilities, one of which allows a remote attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography—an attack known as Logjam (CVE-2015-4000). Exploitation of some of these vulnerabilities could allow the attacker to read and modify data passed over the connection.

Updates available include:
•OpenSSL 1.0.2b for 1.0.2 users
•OpenSSL 1.0.1n for 1.0.1 users
•OpenSSL 1.0.0s for 1.0.0d (and below) users
•OpenSSL 0.9.8zg for 0.9.8r (and below) users

Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary updates.

OpenSSL Security Advisory: https://www.openssl.org/news/secadv_20150611.txt
updates: http://www.openssl.org/news/

https://opendec.wordpress.com/tag/openssl/
« Last Edit: June 12, 2015, 08:24:47 PM by bmartino1 »
Files i try to keep and share can be found on my google drive:

https://drive.google.com/drive/folders/1FOWi3Gqaldld6JLXvZ-biDv4RSguf0IC


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile
15-06-2015     HFS 2.3e SSL 293g is online.

News:
-  Stable release
Stunnel 5.18 Compiled/running with OpenSSL 1.0.2b-fips 11 Jun 2015
-  Ciphers parameter (button C)

For users of a previous BUILD, update Stunnel with the "S" button

« Last Edit: May 18, 2017, 10:42:40 PM by Mars »


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile
17-06-2015     HFS 2.3e SSL 293h is online.

News:
-  Stable release
Stunnel 5.18 Compiled/running with OpenSSL 1.0.2b-fips 11 Jun 2015
-  Ciphers parameter (button C)

For users of a previous BUILD, update Stunnel with the "S" button
« Last Edit: May 18, 2017, 10:43:59 PM by Mars »


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 900
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
15-06-2015     HFS 2.3e SSL 293g is online.

News:
-  Stable release
Stunnel 5.18 Compiled/running with OpenSSL 1.0.2b-fips 11 Jun 2015
-  Ciphers parameter (button C)

For users of a previous BUILD, update Stunnel with the "S" button




17-06-2015     HFS 2.3e SSL 293h is online.

News:
-  Stable release
Stunnel 5.18 Compiled/running with OpenSSL 1.0.2b-fips 11 Jun 2015
-  Ciphers parameter (button C)

For users of a previous BUILD, update Stunnel with the "S" button


openssl version in this HFS:
1.0.2b-fips

I don't think i t matters to much, but openssl is using a"c" versions to fix minor bugs
OpenSSL 1.0.2c is now available, including bug fixes
https://www.openssl.org/news/

What i'm getting at is that i see no difference in the last two posts of files...

I assume it was a bug fix...
« Last Edit: May 18, 2017, 10:45:02 PM by Mars »
Files i try to keep and share can be found on my google drive:

https://drive.google.com/drive/folders/1FOWi3Gqaldld6JLXvZ-biDv4RSguf0IC


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile
19-06-2015     HFS 2.3e SSL 293i is online.

News:
-  Stable release
Stunnel 5.19 Compiled/running with OpenSSL 1.0.2c-fips 11 Jun 2015

For users of a previous BUILD, update Stunnel with the "S" button

« Last Edit: May 18, 2017, 10:45:47 PM by Mars »


Offline SilentPliz

  • Operator
  • Tireless poster
  • *****
    • Posts: 1297
  • ....... chut ! shh!
    • View Profile
@bmartino


Hi!

I don't compile Stunnel myself ... so I have to wait every time the latest official release of Stunnel that includes the updates for OpenSSL.
Generally they are very reactive (one or two days after the release of OpenSSL).
This was the case between the publication of Stunnel 5.18 and 5.19.

The difference between the releases "293g" and "293h" I posted is in the default settings for ciphers that I had "forgotten" in the "293g".  :-\

"The 293i" is up to date for OpenSSL. ;)
« Last Edit: June 19, 2015, 02:22:57 PM by SilentPliz »


Offline ataxy

  • Occasional poster
  • *
    • Posts: 19
    • View Profile
    • http://d-vault.peerforces.com
thank you for this mod of hsf, do you intend on updating it to the 2.3g version of hsf?
« Last Edit: October 23, 2015, 03:19:23 AM by ataxy »


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 900
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
well, its that time again :P

Just thought i would post the new USCERT info

https://www.us-cert.gov/ncas/current-activity/2016/01/14/OpenSSH-Client-Vulnerability

https://www.kb.cert.org/vuls/id/456088
------------------------------------------------------------
I believe this is unaffected to this as the protocol sslv2 is disabled and the stunel in the current build is using tls protocol..., but for your information only:
as of marchMarch 1st, another vulnerability in open ssh, the solution is not to use ssl , the tool here has it disabled by default, but there was another vulnerability in ssl v2 that they found:
https://www.openssl.org/news/secadv/20160301.txt

more info form uscert ssl drwon atack confirmed...:
https://www.us-cert.gov/ncas/current-activity/2016/03/01/SSLv2-DROWN-Attack
https://www.kb.cert.org/vuls/id/583776
« Last Edit: March 01, 2016, 11:19:12 PM by bmartino1 »
Files i try to keep and share can be found on my google drive:

https://drive.google.com/drive/folders/1FOWi3Gqaldld6JLXvZ-biDv4RSguf0IC


Offline LeoNeeson

  • Tireless poster
  • ****
    • Posts: 700
  • Status: On hiatus (unspecified time)
    • View Profile
    • twitter.com/LeoNeeson
Thanks for the heads up bmartino1. :)
HFS in Spanish (HFS en Español) / How to compile HFS (Tutorial)
» Currently taking a break, until HFS v2.4 get his stable version.


Offline bmartino1

  • Tireless poster
  • ****
    • Posts: 900
  • I'm only trying to help i mean no offense.
    • View Profile
    • My HFS Google Drive Shared Link
i still think This HFS stunnel is working properly adn is uptodate...

but its that time again :P
Available updates include:
OpenSSL 1.0.2h  for 1.0.2 users
OpenSSL 1.0.1t  for 1.0.1 users

----------------
National Cyber Awareness System:

OpenSSL Releases Security Updates
05/03/2016 02:17 PM EDT

Original release date: May 03, 2016
OpenSSL has released security updates to address vulnerabilities in previous versions. Exploitation of one of these vulnerabilities may allow a remote attacker to take control of an affected system.

Available updates include:

OpenSSL 1.0.2h  for 1.0.2 users
OpenSSL 1.0.1t  for 1.0.1 users
US-CERT encourages users and administrators to review the OpenSSL Security Advisory page and apply the necessary updates.
https://www.openssl.org/news/vulnerabilities.html
Files i try to keep and share can be found on my google drive:

https://drive.google.com/drive/folders/1FOWi3Gqaldld6JLXvZ-biDv4RSguf0IC