tunnel: 1. (Engineering / Civil Engineering) (tr) to make or force (a way) through or under (something) to tunnel a hole in the wall to tunnel the cliff
In our case, we'll reshape this definition to: "To make or face a way through a network under the radar" AKA, covert tunneling. (http://www.google.com/search?q=covert+tunnel)
Why and when do you need tunnels all depends on what it is you're trying to accomplish. In the case of T_Bone's post, he solely needed a method to fingerprint a webserver. Personally, I would have just visited the site using a proxy which to an extent is a tunnel via way of a proxy. This is because my information is under the radar. The Proxy's information is visible not mine. While stunnel is popular, in fact tunneling through ssh and ssl is rather popular it also is outdated and detectable in ginormous enterprise networks (ginormous is actually a word you know: http://www.merriam-webster.com/dictionary/ginormous). Most firewalls can detect SSL tunneling before it leaves therefore when in an engagement on large networks, what alternatives can you think of? Here are three to play with with my personal favorite being ICMP tunnels. Who doesn't allow ICMP on the OUTBOUND connection? What about DNS queries. Anyhow, here are three alternative programs to play with if you haven't seen or heard of them.