From charlesreid1

Before we talk about alternatives to Stunnel, let's recap what Stunnel is.

What is Stunnel

Stunnel is a library for wrapping arbitrary data and arbitrary traffic in a completely legit SSL layer. This traffic is then passed to a remote server, also running Stunnel, that unwraps the traffic. The advantage of wrapping the traffic in an SSL layer is that it will get through any firewall that has a hole in port 443 (which is most firewalls). Since you can wrap just about anything in Stunnel, including SSH traffic, FTP traffic, Tor traffic, or OpenVPN traffic, you can run anything you want through port 443. The best part about SSL traffic on port 443 is that the data are encrypted, so there is no actual inspection of packet contents - only a superficial check that the packet is properly formed.

As an added bonus, this is also an excellent method for bypassing captive portals - the websites that require you to enter a username and password for access, or that require you to purchase internet access for a block of time. These setups often leave open ports for DNS (53), HTTPS (443), and HTTP (80). If HTTPS traffic can't be inspected, it can't be determined whether the request is for the site to pay for your internet access, or the site where you are watching cat videos without paying.

What else is there

The principle behind Stunnel can be applied to protocols other than HTTPS - that is simply a convenient protocol because port 443 is often open, and the contents of packets are not inspected.

Iodine: like Stunnel for DNS

You can also tunnel the IP protocol through DNS packets. These packets appear to be going to a DNS server, which is actually your own server running Iodine on the other end. Through these DNS requests and responses, data can be transferred back and forth on the sly. Again, this is a great way to bypass captive portals, as the DNS port is often wide open and DNS packets are not being inspected closely.

Link: http://code.kryo.se/iodine/
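
What "inspecting DNS packets closely" can look like from the network operator's side, as an added example that is not part of the original page or of Iodine: a small detector that flags clients sending many distinct, long, high-entropy labels to one zone. The log format, thresholds, sample lines and the two-label zone guess are all assumptions made for illustration.

```python
import math
from collections import Counter, defaultdict

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def find_tunnel_suspects(lines, min_unique=4, min_mean_len=30, min_entropy=3.5):
    """Return sorted (client, zone) pairs whose query names look like encoded payload."""
    labels = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed log lines
        client, _qtype, qname = parts
        names = qname.lower().rstrip(".").split(".")
        if len(names) < 3:
            continue  # bare zone name, no subdomain label to inspect
        # Assumption: the zone is the last two labels. A production tool
        # would consult a public-suffix list instead.
        zone = ".".join(names[-2:])
        labels[(client, zone)].add(names[0])
    suspects = []
    for key, seen in labels.items():
        mean_len = sum(map(len, seen)) / len(seen)
        # All three signals must agree: one long hashed hostname (e.g. a CDN
        # asset name) is normal; many distinct ones to a single zone is not.
        if (len(seen) >= min_unique and mean_len >= min_mean_len
                and entropy("".join(seen)) >= min_entropy):
            suspects.append(key)
    return sorted(suspects)

# Constructed sample log, "<client> <qtype> <qname>"; not real traffic.
PAYLOAD = "0ibbaq3xk9v2mzt7hq4wd8ypl1nrc6se0fju5goa"  # stand-in for an encoded chunk
SAMPLE_LOG = [
    "10.0.0.5 A www.example.com",
    "10.0.0.5 A mail.example.com",
    "10.0.0.5 A api.example.com",
    "10.0.0.5 AAAA cdn.example.com",
    "10.0.0.5 A d3c4f1a9b8e7d6c5b4a3f2e1d0c9b8a7.assets.example.org",
] + [f"10.0.0.9 NULL {PAYLOAD[i:] + PAYLOAD[:i]}.t.example.net" for i in range(5)]

if __name__ == "__main__":
    for client, zone in find_tunnel_suspects(SAMPLE_LOG):
        print(f"possible DNS tunnel: {client} -> *.{zone}")
```
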

My notes: Iodine
