[GNU-linux-libre] PSA on weak cryptography
From: Rubén Rodríguez
Subject: [GNU-linux-libre] PSA on weak cryptography
Date: Fri, 04 Dec 2015 16:19:13 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Icedove/31.8.0

Just a reminder for all distro maintainers and sysadmins to pay
attention to the cryptographic settings of programs included in free
distros, or being used in their respective projects' infrastructure.

In particular, I think we should all analyze the use of weak
Diffie-Hellman Groups ("precomputed primes") and other DH-related
vulnerabilities: https://weakdh.org/

For distros derived from others, make sure you are inheriting any
hardening that may come from upstream, and otherwise check the settings
for all the most common, security-sensitive packages. Feel free to share
in this thread what improvements you have implemented!

Quick and incomplete list of tools and documentation:

https://www.ssllabs.com/ssltest/
https://freakattack.com/
https://poodle.io/
http://heartbleed.com/
...

Please add others that you may know.
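
An added example, not part of the original message: one way to act on the weak-DH reminder for OpenSSH is to audit the moduli file that supplies groups for group-exchange key agreement. It assumes the moduli(5) line format and a 2048-bit floor (the minimum weakdh.org recommends); the function names are hypothetical and the sample entries are constructed, not real primes.

```python
"""Audit an OpenSSH moduli file for Diffie-Hellman groups below a minimum size."""
import sys

MIN_BITS = 2048  # assumed policy floor; raise it if your policy is stricter


def audit_moduli(text, min_bits=MIN_BITS):
    """Return (strong, weak, malformed) for moduli(5)-format text.

    Data lines carry seven whitespace-separated fields:
    timestamp type tests trials size generator modulus(hex).
    """
    strong, weak, malformed = [], [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        try:
            if len(fields) != 7:
                raise ValueError("expected 7 fields")
            modulus = int(fields[6], 16)
        except ValueError:
            malformed.append(lineno)
            continue
        # Measure the prime itself rather than trusting the "size" column,
        # which ssh-keygen writes as bits-1 (for example 2047).
        bits = modulus.bit_length()
        (strong if bits >= min_bits else weak).append((lineno, bits))
    return strong, weak, malformed


def _sample_line(bits):
    """Constructed entry: an odd number of the right length, not a real prime."""
    return "20150101000000 2 6 100 %d 2 %X" % (bits - 1, (1 << (bits - 1)) | 1)


SAMPLE = "\n".join(["# constructed sample, not a real moduli file",
                    _sample_line(1024), _sample_line(1536),
                    _sample_line(2048), _sample_line(4096),
                    "truncated line"])

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path).read() if path else SAMPLE
    strong, weak, malformed = audit_moduli(text)
    for lineno, bits in weak:
        print("line %d: %d-bit group is below %d bits" % (lineno, bits, MIN_BITS))
    print("%d ok, %d weak, %d malformed" % (len(strong), len(weak), len(malformed)))
    # Non-zero exit only when auditing a real file, so it can gate a package build.
    sys.exit(1 if path and (weak or malformed) else 0)
```

Run it with the path to the distro's moduli file (commonly /etc/ssh/moduli) as the only argument; with no argument it audits the constructed sample.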