Bookmarks
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
12 results tagged tls  ✕   ✕
Ciphersuite Info: Suggested TLS configurations https://ciphersuite.info/cs/?sort=desc&security=secure&singlepage=true
Thu 28 Apr 2022 08:51:50 PM PDT archive.org

An interactive list of ciphersuite configurations that can be searched, sorted, and queried. The link bookmarked is a best practice set, from strongest to least trustworthy cryptosystems.

ssl tls cryptography directory interactive
coroner/cryptolyzer https://gitlab.com/coroner/cryptolyzer
Wed 02 Feb 2022 02:32:55 PM PST archive.org

CryptoLyzer is a fast and flexible server cryptographic settings analyzer library for Python with an easy-to-use command line interface with both human- and machine-readable output. It works with multiple cryptographic protocols (SSL/TLS, opportunistic TLS, SSH) and
analyzes additional security mechanisms (web security related HTTP response header fields, JA3 tag).

python encryption markdown json tls https ssh settings analysis infosec sysadmin
Applied Crypto Hardening: bettercrypto.org https://bettercrypto.org/
Mon 03 Aug 2020 08:14:26 PM PDT archive.org

Current version: Version 1.X, 2018-12-21

This guide arose out of the need for system administrators to have an updated, solid, well researched and thought-through guide for configuring SSL, PGP, SSH and other cryptographic tools in the post-Snowden age. Triggered by the NSA leaks in the summer of 2013, many system administrators and IT security officers saw the need to strengthen their encryption settings. This guide is specifically written for these system administrators.

The focus of this guide is merely to give current best practices for configuring complex cipher suites and related parameters in a copy & paste-able manner. The guide tries to stay as concise as is possible for such a complex topic as cryptography. Naturally, it can not be complete. There are many excellent guides (II & SYM, 2012) and best practice documents available when it comes to cryptography. However none of them focuses specifically on what an average system administrator needs for hardening his or her systems' crypto settings.

howto sysadmin linux crypto hardening applications servers ssl tls configuration
GitHub - drwetter/testssl.sh: Testing TLS/SSL encryption anywhere on any port https://github.com/drwetter/testssl.sh
Thu 13 Jun 2019 03:52:44 PM PDT archive.org

testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws. Clear human-readable and machine-readable outputs. No installation needed, uses only bash. Test any SSL/TLS enabled service on any port.

sysadmin crypto script utility ssl tls testing cli
Security/Server Side TLS - MozillaWiki https://wiki.mozilla.org/Security/Server_Side_TLS
Wed 20 Mar 2019 02:41:23 PM PDT archive.org

The goal of this document is to help operational teams with the configuration of TLS on servers. All Mozilla sites and deployment should follow the recommendations below. The Operations Security (OpSec) team maintains this document as a reference guide to navigate the TLS landscape. It contains information on TLS protocols, known issues and vulnerabilities, configuration examples and testing tools. Changes are reviewed and merged by the OpSec team, and broadcasted to the various Operational teams.

infosec tls configs howto sysadmin crypto
FiloSottile/mkcert: A simple zero-config tool to make locally trusted development certificates with any names you'd like. https://github.com/FiloSottile/mkcert
Mon 07 Jan 2019 10:09:40 PM PST archive.org

A simple zero-config tool to make locally trusted development certificates with any names you'd like. Does this by adding (and managing) a local CA on your laptop which you can issue arbitrary certs for (including localhost).

golang sysadmin ssl tls certificates ca management tools
STARTTLS Everywhere https://starttls-everywhere.org/
Mon 25 Jun 2018 08:47:43 PM PDT archive.org

Secure your email server with STARTTLS Everywhere! Your email service can be insecure in numerous different ways. The service below performs a quick check of your email server's security configuration, including whether STARTTLS is supported, and whether it may qualify for the STARTTLS Policy List.

online tools sysadmin smtp ssl tls checker configuration certificates exocortex postfix
Mandos - FUKTwiki http://wiki.fukt.bsnet.se/wiki/Mandos
Tue 20 Mar 2018 02:11:25 AM PDT archive.org

A system for allowing the reboot of servers with encrypted hard drives when you arent physically present to type in the passphrases. It relies upon strictly timed encrypted network communications with trusted systems and the use of PGP to decrypt some of the keying material.

tls encryption infosec reboot wde fde pgp storage openpgp security
Hardening Your Web Server’s SSL Ciphers — Hynek Schlawack http://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
Tue 20 Mar 2018 12:32:57 AM PDT archive.org

How to harden SSL support on your web server to mitigate attacks like BREACH, BEAST, and Lucky 13. Updated regularly.

hardening ssl infosec crypto sysadmin nginx linux apache tls
XMPP Intermediate Certification Authority https://xmpp.net/
Tue 20 Mar 2018 12:28:59 AM PDT archive.org

Plug an XMPP server or client into this site and it'll audit certain aspects of its COMSEC posture, such as key sizes, whether or not crypto is enabled, and what crypto protocols it supports. If you're paranoid about instant messaging, you may wish to start by using this site.

tls cryptography ssl xmpp online test security
SSL Library mbed TLS / PolarSSL: Download for free or buy a commercial license https://tls.mbed.org/
Tue 20 Mar 2018 12:09:08 AM PDT archive.org

mbed TLS (formerly PolarSSL) is an SSL implementation written from scratch designed for use in embedded applications and systems. The API was designed to make sense (unlike some other implementations I could mention) and the source code is written with readability in mind. Written in C as portably as possible. Modules are designed to be as loosely coupled as is feasible. opensource by default, but they do ask you to purchase commercial licenses if appropriate. Has a not-insignificant list of commercial and government users.

tls c embedded modules ssl api foss
Strong SSL Security on nginx - Raymii.org https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
Mon 19 Mar 2018 05:23:41 PM PDT archive.org

A tutorial on how to harden SSL and TLS in Nginx. Includes changing and increasing the size of Diffie-Hellman parameters for better security.

tls hardening dh ssl crypto sysadmin nginx pfs howto
4997 links, including 379 private
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn