UnrealIRCd Forums

Hi

I using unrealICRD+SSL and Anope 1.7.8

Its possilbe to connect Anope services to SSL port ?

Anope doesn't support SSL

commandr wrote:Anope doesn't support SSL

OK,
If Anope doesn't support SSL, and is connected to non-SSL port, can user sniffing comunication between me an Nickserv ? Can he stolen my registered password to nickserv ?

hums.. I suppose that no

install a firewall in your computer

I need encrypted comunication between me and services. Firewall I have instaled.

uh, a firewall doesn't protect against sniffing ;).

Anyway... stuff can only be sniffed if an attacker has control over a device (eg: a computer) in the path between ircserver<----this---->anope.
If you link anope via localhost to your irc server (or in any other way does not cross a LAN/WAN/whatever), then it cannot be sniffed
[uh ok, it can be sniffed, but only by persons on that host and if you got rood/admin privileges]

So, if services are on another server than your IRCd, then you could either install an ircd at that server, or you could run something like stunnel @ your services location and let services connect to the stunnel, then the topology is: ircserver<------SSL secure connection--->stunnel<-->anope.

I am linking anope via localhost to my irc server. It running on same localhost as ircd server which support SSL.

I am connected to IRCD via SSL, Services not.

and what about attack man-in-the-middle ?

As it's been said, If Services are connected to your network locally, then there is no way someone can "sniff" your password. Especially if you're connected to the server as an SSL Client

pstruh22 wrote:and what about attack man-in-the-middle ?

I take it you have no idea what a man-in-the-middle attack is? It has absolutely nothing to do with this scenario. If it is on the local machine, there can be no man-in-the-middle attack because there is no man and no middle! The communication is direct - it's the same machine!