OpenSSH Short for Open Secure Shell, OpenSSH is a free suite of tools (similar to the SSH connectivity tools) that help secure your network connections. OpenSSH encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking and other network-level attacks. The OpenSSH suite includes the ssh program that replaces rlogin and telnet, and scp which replaces rcp and ftp. OpenSSH has also added sftp and sftp-server which implement an easier solution for file-transfer. OpenSSH comes in two downloadable distributions: the native OpenBSD distribution and the multi-platform portable distribution. OpenSSH is developed by the OpenBSD Project.
Dropbear is a relatively small SSH server and client. It runs on a variety of POSIX-based platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers.
TCP Transmission control protocol (TCP) is the most common protocol used on the internet. It is connection oriented, meaning, data can be sent bidirectionally once a connection is established. Transmission Control Protocol is more commonly used than the User Datagram Protocol (UDP). Unlike UDP, it includes an automatic error checking system to ensure that each packet is delivered, as requested. The User Datagram Protocol, on the other hand, does not provide such a system that requires the acknowledgment that packet transmission was successful. This built-in error checking, although more efficient, makes it slower than UDP since it prioritizes the accurate delivery of data between systems.
UDP is a communication protocol used across the Internet for especially time-sensitive transmissions such as video playback or DNS lookups. It speeds up communications by not requiring what’s known as a “handshake”, allowing data to be transferred before the receiving party agrees to the communication. This allows the protocol to operate very quickly, and also creates an opening for exploitation.
Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs' code. Its architecture is optimized for security, portability, and scalability (including load-balancing), making it suitable for large deployments. Stunnel uses the OpenSSL library for cryptography, so it supports whatever cryptographic algorithms are compiled into the library. It can benefit from the FIPS 140-2 validation of the OpenSSL FIPS Object Module, as long as the building process meets its Security Policy. A scanned FIPS 140-2 Validation Certificate document is available for download on the NIST web page. The OpenSSL FIPS 140-2 module is currently only available for OpenSSL 1.0.2. FIPS-enabled Windows installers of stunnel are available on request with our customer support plans.
Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including Internet Gopher, SSL, TLS and HTTPS. Squid does not support the SOCKS protocol, unlike Privoxy, with which Squid can be used in order to provide SOCKS support.