Thread: Howto: SSL Usenet and Grabbit
View Single Post
Old 02-05-2008, 18:24   #1
dragon
cf.mega poster
 
dragon's Avatar
 
Join Date: Jan 2004
Posts: 3,348
dragon has reached the bronze age
dragon has reached the bronze agedragon has reached the bronze agedragon has reached the bronze agedragon has reached the bronze agedragon has reached the bronze agedragon has reached the bronze agedragon has reached the bronze age
Howto: SSL Usenet and Grabbit
For those of you that don't want to shell out for one of the paid for Usenet clients Grabit is a great free alternative application for grabbing stuff off Usenet.

You can download it from http://www.shemes.com/

One feature that grabit however lacks is the ability to use an SSL encrypted connection which for those of you would prefer to use SSL for whatever reason but don't want to buy a newsreader here's a workaround to use Grabit over a SSL connection.

I used to use linux and the newsreader I used at the time didn't support SSL either, however after some searching I found out about a neat little program called Stunnel which is a Proxy that takes The Unencrypted traffic and encrypts it using SSL, it worked perfectly.

There is a windows port of stunnel and with a couple of quick changes to the configuration it works great with Grabit.

Here's how you set it up.

1) Download and install Grabit if you aren't already using it.

2) Download the latest Stunnel from http://www.stunnel.org/download/binaries.html

3) Install Stunnel

4) Click the option on the start menu to "Edit Stunnel.conf" (Note: vista users with UAC enabled need to right click and "Run as Adminstrator" or you won't be able to save the changes)


Find the lines

Code:
; Use it for client mode
;client = yes
Replace with

Code:
; Use it for client mode
client = yes
debug = debug
Then above the line
Code:
; vim:ft=dosini
Add the following

Code:
[usenet]
accept = 127.0.0.1:119
connect = Server.Address:563
(replacing server.address with the address of your Usenet providers server and if Necessary 563 for the port used for their SSL service. (563 is the default Usenet SSL port))

Find the lines

Quote:
[pop3s]
accept = 995
connect = 110

[imaps]
accept = 993
connect = 143

[ssmtp]
accept = 465
connect = 25

;[https]
;accept = 443
;connect = 80
;TIMEOUTclose = 0
And remove them (we don't want it listening for other connections, could be a security risk)

5) Start Stunnel, you should get a new Icon in your system tray, clicking it will display the stunnel log

6) Start grabit and set your newserver to 127.0.0.1 port 119 but set the username/Password/ Maximum connections as directed by your service provider.

7) Try and connect all going well what should happen is grabit will connect as usual and you should see some Output in the log from Stunnel.


This of course doesn't apply just to Grabit it should work with any application where you want to connect to an SSL enabled service where the application doesn't support SSL.

Note: The connection between the Application and Stunnel will still be unencrypted but as your only connecting back to yourself (127.0.0.1) It should be fairly safe.
__________________
It's Not a Bug It's a 'Feature'
Last edited by dragon; 02-05-2008 at 19:07.
dragon is offline   Reply With Quote