Use Encrypted Equivalent Protocol
Most clear-text protocols on top of TCP have an encrypted counterpart. Here are a few examples:
- telnet -> SSH
- FTP, kermit -> SCP/SFTP over SSH, or FTPS over SSL
- POP3/IMAP/SMTP -> POP3S/IMAPS/SMTPS, SMTP + TLS, etc.
- Webmail over HTTP -> HTTPS
Add your own SSL encryption
For the TCP protocols, you can always use an SSL tunnel such as stunnel. You can use stunnel in different ways:
- Install it on a client which does not support SSL to communicate with an SSL-enabled server.
- Install it on a server which does not support SSL to communicate with SSL-enabled clients.
- Install it on both the client and the server to encrypt any TCP traffic.
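The third setup, as an added example that is not part of the original post: stunnel on both ends wrapping plain POP3. The host name mail.example.net, the ports and the file paths are constructed placeholders.

```ini
; ---- Client machine: stunnel.conf ----
; The mail client is pointed at 127.0.0.1:1110 and speaks plain POP3;
; stunnel wraps that connection in TLS and forwards it to the server.
[pop3-client]
client = yes
accept = 127.0.0.1:1110
connect = mail.example.net:995
; Authenticate the server. Without these three lines the tunnel is
; encrypted but accepts any certificate, so an on-path host can
; terminate the TLS session itself and read the traffic.
verifyChain = yes
CAfile = /etc/stunnel/ca.pem
checkHost = mail.example.net

; ---- Server machine: stunnel.conf ----
; stunnel terminates TLS on port 995 and hands plain POP3 to the
; local daemon, which should listen on 127.0.0.1 only.
[pop3-server]
accept = 995
connect = 127.0.0.1:110
cert = /etc/stunnel/server.pem
key = /etc/stunnel/server.key
```

For the first two setups, use only the client section against a server that already speaks SSL, or only the server section with SSL-enabled clients.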
Use an SSH Tunnel
If using SSL encryption with stunnel is not possible in your environment, you can use an SSH tunnel. Using SSH port redirection (-L option on Unix), you can redirect any remote port to a local port through an SSH tunnel. For example, ssh login@your-domain.net -L8000:127.0.0.1:80 allows you to browse your-domain.net through SSH by using the address http://localhost:8000/.
You can also use an intermediate machine for your SSH encryption. ssh login@intermediate.net -L8000:192.168.1.10:80 would encrypt the traffic between your client and intermediate.net. In this case, the traffic between intermediate.net and 192.168.1.10 would not be encrypted.
Use Tor
Tor is becoming a popular way to encrypt traffic. There is a plugin for Firefox to enable/disable Tor with one click, a proxy to redirect any browser through Tor, etc. Although it is a very young project, this might be the most user-friendly solution, especially on Windows. The downside is that it significantly increases latency, so using Tor might slow down your web browsing.
- Julien