Image Map Image Map
Page 3 of 3 FirstFirst 123
Results 21 to 23 of 23

Thread: HTTPS and a Secure Login

  1. #21
    Join Date
    Dec 2012
    Location
    Portland Oregon
    Posts
    128

    Default

    This is a serious question.

    With the clear danger of identity threat, malware and economic loss, has there been or is it feasible to build/design a secure type of system that adds an encrypted security to an unsecure signal or connection once it leaves a firewall?

    BTW: I'm not talking of adding a VPN wrapper around said insecure connection or signal.

    Example: I ftp back and forth from my XT computer to my behind my firewall FTP server using mTCP. My firewall blocks this type of traffic coming from the outside into my internal network. If I wanted to use sftp with my XT, it would be impossible because adding SSH or SSH2 encryption would be very difficult and probably impractical for mTCP. But, if I could filter my unencrypted traffic through some sort of blackbox or service that would add that encryption signal - I could safely (as much as anything is safe these days) have an encrypted signal going into the wild.

    Is this even possible or practical?

    Geoff

  2. #22

    Default

    It is both possible and practical. It's called stripping or adding encryption. It's also a form of proxying.

    It's on my todo list. I suspect it has already been done already too. You basically just run a server that accepts incoming FTP connections from your insecure machines and creates an outgoing SFTP connection. HTTP becomes HTTPS. (HTTP might be more interesting because you might have to fix headers, deal with cookies, etc.)

  3. #23

    Default

    My Alpha Micro Eagle 300 has a webserver, but never supported SSL or TLS. Since its connections are proxied through the main Floodgap server anyway as a firewall, https://ampm.floodgap.com/ is implemented by just wrapping the proxied data streams with TLS. There are utilities like stunnel that do this though the one I use is a custom job using OpenSSL.
    I use my C128 because I am an ornery, stubborn, retro grouch. -- Bob Masse
    Machine room updated for 2019!: http://www.floodgap.com/etc/machines.html

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •