![setting up stunnel with psk setting up stunnel with psk](https://i.stack.imgur.com/7jm8r.png)
This is the right approach in a lab-like setup. We have defined a very comprehensive log. In Tutorial 6 we made the following selection for the individual headers: SecAuditLogParts ABEFHIJKZ Part Z: End of a single entry/request (required).Part K: A list of all rules that returned a positive answer (the rules themselves are normalized including all inherited declarations).Part J: Additional information about file uploads.Part I: The HTTP request body in a space-saving version (uploaded files are not fully included, only individual key parameters for these files).Part H: Further information from ModSecurity concerning additional information about the request, such as repeated entries in the Apache error log here, the Action taken, timing information, etc.Part F: The HTTP response headers (without the two date and server headers, set by Apache itself right before leaving the server).Part E: The HTTP response body (only if body access was enabled via SecRequestBodyAccess).Part C: The HTTP request body (including raw data for a file upload only if body access was set via SecRequestBodyAccess).Part A: The starting part of a single entry/request (required).Let’s have a look at the different options in this directive: The ModSecurity audit engine labels different parts of the audit log using different letter abbreviations. However, depending on the settings of the SecAuditLogParts directive, not all parts of the requests are recorded. In Tutorial 6 we saw how we are able to configure ModSecurity to capture the entire traffic from a single client IP address. Step 1: Using ModSecurity to capture the entire traffic A reverse proxy as in Tutorial 9 (Setting up a reverse proxy).An OWASP ModSecurity Core Rule Set installation as in Tutorial 7 (Embedding ModSecurity Core Rules.An Apache web server with ModSecurity as in Tutorial 6 (Embedding ModSecurity).An Apache web server with extended access log as in Tutorial 5 (Extending and analyzing the access log).An Apache web server with SSL/TLS support as in Tutorial 4 (Configuring an SSL server).Understanding of the minimal configuration in Tutorial 2 (Configuring a minimal Apache server).An Apache web server, ideally one created using the file structure shown in Tutorial 1 (Compiling an Apache web server).In cases such as these it is important to be able to capture the entire traffic in order to narrow down the error to this basis. In numerous cases there is a lack of clarity about what has just passed over the line or there is disagreement about exactly which end of communication was responsible for the error. In daily life, when operating a web or reverse proxy server errors occur that can only be handled with difficultly come up again and again. We will also be decrypting traffic where necessary. We are capturing the entire HTTP traffic.
#Setting up stunnel with psk license
Table of Contents What are we doing? Why are we doing this? Requirements Step 1: Using ModSecurity to capture the entire traffic Step 2: Using ModSecurity to write the entire traffic of a single session Step 3: Sniffing client traffic with the server/reverse proxy Step 4: Capturing encrypted traffic between the client and the server/reverse proxy Step 5: Decrypting traffic Step 6: Sniffing traffic between the reverse proxy and the application server References License / Copying / Further use What are we doing?