ach-master.git
2 years agoMerge ../Applied-Crypto-Hardening
Adi Kriegisch [Tue, 20 Dec 2016 14:20:52 +0000 (15:20 +0100)]
Merge ../Applied-Crypto-Hardening

Conflicts:
CONTRIBUTING.md

2 years agoadd ML link
Aaron Zauner [Tue, 20 Dec 2016 13:36:37 +0000 (14:36 +0100)]
add ML link

2 years agoremove italics in getting started section
Aaron Zauner [Tue, 20 Dec 2016 13:24:45 +0000 (14:24 +0100)]
remove italics in getting started section

2 years agos/issues/PRs
Aaron Zauner [Tue, 20 Dec 2016 13:19:31 +0000 (14:19 +0100)]
s/issues/PRs

2 years agoadd intro to TeX
Aaron Zauner [Tue, 20 Dec 2016 12:27:48 +0000 (13:27 +0100)]
add intro to TeX

2 years agoadd intro to TeX
Aaron Zauner [Tue, 20 Dec 2016 12:27:48 +0000 (13:27 +0100)]
add intro to TeX

2 years agoadd git intro to CONTRIBUTING.md
Aaron Zauner [Tue, 20 Dec 2016 12:21:31 +0000 (13:21 +0100)]
add git intro to CONTRIBUTING.md

2 years agoadd textual links
Aaron Zauner [Tue, 20 Dec 2016 12:11:18 +0000 (13:11 +0100)]
add textual links

2 years agomerge FAQ content into CONTRIBUTING
Aaron Zauner [Tue, 20 Dec 2016 11:47:38 +0000 (12:47 +0100)]
merge FAQ content into CONTRIBUTING

2 years agoFAQ.md as symlink
Aaron Zauner [Tue, 20 Dec 2016 11:42:44 +0000 (12:42 +0100)]
FAQ.md as symlink

2 years agoextend CONTRIBUTING.md, remove obsolete FAQ.md
Aaron Zauner [Tue, 20 Dec 2016 11:41:46 +0000 (12:41 +0100)]
extend CONTRIBUTING.md, remove obsolete FAQ.md

2 years agoadd CONTRIBUTING.md file for github PRs
Aaron Zauner [Tue, 20 Dec 2016 11:36:12 +0000 (12:36 +0100)]
add CONTRIBUTING.md file for github PRs

2 years agoMerge branch 'florianbeer-patch-1'
Sebastian Wagner [Tue, 13 Dec 2016 17:54:02 +0000 (18:54 +0100)]
Merge branch 'florianbeer-patch-1'

2 years agoRemove Factorable Key Check Service link
Florian Beer [Tue, 13 Dec 2016 10:26:15 +0000 (11:26 +0100)]
Remove Factorable Key Check Service link

The keycheck service is no longer available.

3 years agoMerge pull request #131 from pixelart/tested-apache-centos7
Sebastian Wagner [Mon, 12 Sep 2016 09:36:59 +0000 (11:36 +0200)]
Merge pull request #131 from pixelart/tested-apache-centos7

Add tested with Apache 2.4.6, CentOS Linux 7 (Core) with OpenSSL 1.0.1e

3 years agoAdd tested with Apache 2.4.6, CentOS Linux 7 (Core) with OpenSSL 1.0.1e
Patrik Karisch [Mon, 12 Sep 2016 08:48:54 +0000 (10:48 +0200)]
Add tested with Apache 2.4.6, CentOS Linux 7 (Core) with OpenSSL 1.0.1e

3 years agoMerge pull request #128 from maartenvhb/caa
Aaron Zauner [Mon, 20 Jun 2016 03:32:09 +0000 (11:32 +0800)]
Merge pull request #128 from maartenvhb/caa

Added Certificate Authorization Authority records and corrected a few…

3 years agoAdded Certificate Authorization Authority records and corrected a few typos in my...
Maarten Van Horenbeeck [Sat, 18 Jun 2016 07:44:31 +0000 (16:44 +0900)]
Added Certificate Authorization Authority records and corrected a few typos in my name

3 years agoMerge pull request #127 from dawud/support/troopers16_presentation_fixes
Aaron Zauner [Fri, 1 Apr 2016 21:33:44 +0000 (23:33 +0200)]
Merge pull request #127 from dawud/support/troopers16_presentation_fixes

troopers16 presentation fixes

3 years agotroopers16 presentation fixes
David Sastre Medina [Wed, 30 Mar 2016 19:11:48 +0000 (20:11 +0100)]
troopers16 presentation fixes

- correction of some typos
- line breaks for readability
- remove trailing whitespace
- rebuild slides.pdf

3 years agoMerge pull request #125 from ivuk/fix-typos
Aaron Zauner [Sun, 27 Mar 2016 12:30:42 +0000 (14:30 +0200)]
Merge pull request #125 from ivuk/fix-typos

Minor typo fixes

3 years agoRemove an extra space char in PKIs.tex
Igor Vuk [Sat, 26 Mar 2016 13:01:42 +0000 (14:01 +0100)]
Remove an extra space char in PKIs.tex

3 years agoRemove trailing spaces in PKIs.tex
Igor Vuk [Sat, 26 Mar 2016 13:00:32 +0000 (14:00 +0100)]
Remove trailing spaces in PKIs.tex

3 years agoFix a typo in PKIs.tex
Igor Vuk [Sat, 26 Mar 2016 12:56:45 +0000 (13:56 +0100)]
Fix a typo in PKIs.tex

3 years agoFix trailing spaces in recommended.tex
Igor Vuk [Sat, 26 Mar 2016 12:49:11 +0000 (13:49 +0100)]
Fix trailing spaces in recommended.tex

3 years agoFix typos in recommended.tex
Igor Vuk [Sat, 26 Mar 2016 12:47:26 +0000 (13:47 +0100)]
Fix typos in recommended.tex

3 years agoMerge pull request #124 from ivuk/fix-typos
Aaron Zauner [Fri, 25 Mar 2016 10:47:41 +0000 (11:47 +0100)]
Merge pull request #124 from ivuk/fix-typos

Minor typo fixes and an URL update

3 years agoRemove trailing spaces in im.tex
Igor Vuk [Thu, 24 Mar 2016 19:10:38 +0000 (20:10 +0100)]
Remove trailing spaces in im.tex

3 years agoUpdate the OTR URL in im.tex
Igor Vuk [Thu, 24 Mar 2016 19:08:20 +0000 (20:08 +0100)]
Update the OTR URL in im.tex

3 years agoFix a typo in vpn.tex
Igor Vuk [Thu, 24 Mar 2016 19:05:01 +0000 (20:05 +0100)]
Fix a typo in vpn.tex

3 years agoRemove trailing spaces in mailserver.tex
Igor Vuk [Thu, 24 Mar 2016 18:59:39 +0000 (19:59 +0100)]
Remove trailing spaces in mailserver.tex

3 years agoFix typos in mailserver.tex
Igor Vuk [Thu, 24 Mar 2016 18:56:57 +0000 (19:56 +0100)]
Fix typos in mailserver.tex

3 years agoMerge pull request #123 from ivuk/fix-typos
Aaron Zauner [Thu, 24 Mar 2016 14:26:48 +0000 (15:26 +0100)]
Merge pull request #123 from ivuk/fix-typos

Minor typo fixes

3 years agoRemove a trailing space in mailserver.tex
Igor Vuk [Wed, 23 Mar 2016 19:19:18 +0000 (20:19 +0100)]
Remove a trailing space in mailserver.tex

3 years agoFix a typo in mailserver.tex
Igor Vuk [Wed, 23 Mar 2016 19:18:14 +0000 (20:18 +0100)]
Fix a typo in mailserver.tex

3 years agoFix a typo in webserver.tex
Igor Vuk [Wed, 23 Mar 2016 19:11:04 +0000 (20:11 +0100)]
Fix a typo in webserver.tex

3 years agoRemove trailing spaces in howtoread.tex
Igor Vuk [Wed, 23 Mar 2016 19:04:29 +0000 (20:04 +0100)]
Remove trailing spaces in howtoread.tex

3 years agoFix a typo in howtoread.tex
Igor Vuk [Wed, 23 Mar 2016 18:58:57 +0000 (19:58 +0100)]
Fix a typo in howtoread.tex

3 years agoMerge pull request #122 from ivuk/fix-typo-faq
Sebastian [Wed, 23 Mar 2016 20:33:35 +0000 (21:33 +0100)]
Merge pull request #122 from ivuk/fix-typo-faq

Minor fixes for FAQ.md

3 years agoAdd https:// prefix to bettercrypto.org URL
Igor Vuk [Wed, 23 Mar 2016 18:52:36 +0000 (19:52 +0100)]
Add https:// prefix to bettercrypto.org URL

3 years agoFix a typo in FAQ.md
Igor Vuk [Wed, 23 Mar 2016 18:50:55 +0000 (19:50 +0100)]
Fix a typo in FAQ.md

3 years agoadd pdf slides
Aaron Zauner [Thu, 17 Mar 2016 13:16:35 +0000 (14:16 +0100)]
add pdf slides

3 years agoadd TROOPERS16 presentation
Aaron Zauner [Thu, 17 Mar 2016 13:15:44 +0000 (14:15 +0100)]
add TROOPERS16 presentation

3 years agoMerge pull request #121 from tarleb/postfix-config-update
Sebastian [Wed, 9 Mar 2016 10:32:18 +0000 (11:32 +0100)]
Merge pull request #121 from tarleb/postfix-config-update

Always log Postfix TLS connections, fix for different postfix versions

According to docs http://www.postfix.org/postconf.5.html#smtpd_tls_loglevel
loglevel 1 gives a summary for all versions above 2.2
tested on wheezy with 2.9

3 years agoAlways log TLS connection info in Postfix
Albert Krewinkel [Wed, 9 Mar 2016 08:24:44 +0000 (09:24 +0100)]
Always log TLS connection info in Postfix

TLS connection details are useful information and should always be
logged.

3 years agoRemove duplicate parameters from Postfix/main.cf
Albert Krewinkel [Tue, 8 Mar 2016 22:27:18 +0000 (23:27 +0100)]
Remove duplicate parameters from Postfix/main.cf

Two `readme_directory` parameters are one too many.  Same for
`myorigin`.

fixup! Remove duplicate parameter from Postfix/main.cf

3 years agoMerge pull request #90 from malexmave/ejabberd-update
Aaron Zauner [Thu, 3 Mar 2016 23:23:53 +0000 (00:23 +0100)]
Merge pull request #90 from malexmave/ejabberd-update

Updated for newer versions of ejabberd

3 years agoMerge pull request #120 from BetterCrypto/DROWN-fixes
AaronK [Wed, 2 Mar 2016 22:57:06 +0000 (23:57 +0100)]
Merge pull request #120 from BetterCrypto/DROWN-fixes

Drown fixes

3 years agoremove Draft text. We are not draft anymore. This document has been around quite... DROWN-fixes
aaronkaplan [Wed, 2 Mar 2016 08:56:28 +0000 (09:56 +0100)]
remove Draft text. We are not draft anymore. This document has been around quite long now and been tested against multiple attacks over time.

3 years agofix Exim against DROWN
aaronkaplan [Wed, 2 Mar 2016 08:55:01 +0000 (09:55 +0100)]
fix Exim against DROWN

3 years agoupdate postfix settings due to DROWN attack
aaronkaplan [Wed, 2 Mar 2016 08:45:40 +0000 (09:45 +0100)]
update postfix settings due to DROWN attack

3 years agoMerge pull request #119 from tarleb/ecrypt-url-fix
Sebastian [Sun, 28 Feb 2016 20:01:21 +0000 (21:01 +0100)]
Merge pull request #119 from tarleb/ecrypt-url-fix

Fix URL of ECRYPT II report

3 years agoFix URL of ECRYPT II report
Albert Krewinkel [Sun, 28 Feb 2016 18:13:35 +0000 (19:13 +0100)]
Fix URL of ECRYPT II report

It seems that the URL of the ECRYPT II report is no longer valid.
Add missing URL part to get a valid URL again.

3 years agoMerge pull request #118 from 2001db8/ESA_update_201601
Aaron Zauner [Wed, 27 Jan 2016 11:00:24 +0000 (12:00 +0100)]
Merge pull request #118 from 2001db8/ESA_update_201601

Ironport/ESA changes to meet current GD versions and tested versions

3 years agoChanges to meet current GD versions
Jens Roesen [Tue, 19 Jan 2016 14:50:37 +0000 (15:50 +0100)]
Changes to meet current GD versions

Complemented list of tested versions and changed limitations to meet the
changes in the GD releases.

3 years agoClear up wording for older configs
Max Maass [Sun, 17 Jan 2016 14:21:49 +0000 (15:21 +0100)]
Clear up wording for older configs

3 years agoAdd information about DH param compatibility
Max Maass [Wed, 13 Jan 2016 10:35:55 +0000 (11:35 +0100)]
Add information about DH param compatibility

3 years agoImplement change requests by @sebix
Max Maass [Sun, 27 Dec 2015 18:54:21 +0000 (19:54 +0100)]
Implement change requests by @sebix

3 years agoAdd custom DH parameters
Max Maass [Sun, 27 Dec 2015 16:08:26 +0000 (17:08 +0100)]
Add custom DH parameters

3 years agoMerge pull request #117 from gunnarhaslinger/master
Sebastian [Tue, 8 Dec 2015 16:10:39 +0000 (17:10 +0100)]
Merge pull request #117 from gunnarhaslinger/master

Correct CipherstringB in Webservers+Mailservers

4 years agoUpdate: Practical recommendations - MailServers: CipherStrings matching old CipherStr...
Gunnar Haslinger [Sat, 7 Nov 2015 15:20:45 +0000 (16:20 +0100)]
Update: Practical recommendations - MailServers: CipherStrings matching old CipherString-B updated to match current CipherString-B

4 years agoUpdate: Practical recommendations - Webservers: CipherStrings match old CipherString...
Gunnar Haslinger [Sat, 7 Nov 2015 15:10:42 +0000 (16:10 +0100)]
Update: Practical recommendations - Webservers: CipherStrings match old CipherString-B updated to match current CipherString-B

4 years agoMerge pull request #116 from jschlyter/haproxy_direct
Aaron Zauner [Sat, 7 Nov 2015 11:40:08 +0000 (12:40 +0100)]
Merge pull request #116 from jschlyter/haproxy_direct

add example for redirect from HTTP to HTTPS

4 years agoMerge pull request #115 from gunnarhaslinger/master
Aaron Zauner [Sat, 7 Nov 2015 11:34:09 +0000 (12:34 +0100)]
Merge pull request #115 from gunnarhaslinger/master

Dovecot: added options of newer Versions

4 years agoadd redirect from HTTP to HTTPS
Jakob Schlyter [Fri, 6 Nov 2015 08:01:47 +0000 (09:01 +0100)]
add redirect from HTTP to HTTPS

4 years agoDovecot: added ssl_dh_parameters_length, ssl_prefer_server_ciphers and Test using...
Gunnar Haslinger [Mon, 26 Oct 2015 18:33:53 +0000 (19:33 +0100)]
Dovecot: added ssl_dh_parameters_length, ssl_prefer_server_ciphers and Test using SSLyze

4 years agoMerge pull request #114 from dahlberg-fkie/master
Aaron Zauner [Thu, 22 Oct 2015 17:04:09 +0000 (19:04 +0200)]
Merge pull request #114 from dahlberg-fkie/master

Add unsorted/LibreSSL ciphers

4 years agoAdd unsorted/LibreSSL ciphers
David Dahlberg [Wed, 21 Oct 2015 08:41:23 +0000 (10:41 +0200)]
Add unsorted/LibreSSL ciphers

4 years agoMerge pull request #113 from gunnarhaslinger/master
Aaron Zauner [Fri, 16 Oct 2015 23:09:59 +0000 (01:09 +0200)]
Merge pull request #113 from gunnarhaslinger/master

HTTP Public Key Pinning (HPKP), added new theory section and updated Apache-Config.

4 years agoCorrected a copy+paste mistake
Gunnar Haslinger [Fri, 16 Oct 2015 21:55:32 +0000 (23:55 +0200)]
Corrected a copy+paste mistake

4 years agoHTTP Public Key Pinning (HPKP), added new theory section and updated Apache-Config.
Gunnar Haslinger [Fri, 16 Oct 2015 21:35:25 +0000 (23:35 +0200)]
HTTP Public Key Pinning (HPKP), added new theory section and updated Apache-Config.

4 years agoadded list of supported cipher suites of some CentOS/Debian versions
Gunnar Haslinger [Fri, 16 Oct 2015 18:23:17 +0000 (20:23 +0200)]
added list of supported cipher suites of some CentOS/Debian versions

4 years agoMerge pull request #112 from dahlberg-fkie/master
Aaron Zauner [Wed, 19 Aug 2015 23:07:43 +0000 (01:07 +0200)]
Merge pull request #112 from dahlberg-fkie/master

New introduction into mail server settings

4 years agoincorporated sebix comments on 6334a5b
David Dahlberg [Mon, 3 Aug 2015 07:10:19 +0000 (09:10 +0200)]
incorporated sebix comments on 6334a5b

4 years agoNew introduction into mail server settings
David Dahlberg [Wed, 29 Jul 2015 11:01:26 +0000 (13:01 +0200)]
New introduction into mail server settings

4 years agoMerge pull request #111 from 2001db8/ironport-update
Aaron Zauner [Thu, 18 Jun 2015 09:18:46 +0000 (11:18 +0200)]
Merge pull request #111 from 2001db8/ironport-update

Link to AsyncOS 9.5 Release Notes

4 years agoLink to AsyncOS 9.5 Release Notes
Jens [Thu, 18 Jun 2015 07:52:08 +0000 (09:52 +0200)]
Link to AsyncOS 9.5 Release Notes

Exchanged the link to a Cisco Tweet about the possibility of TLS 1.2
support in AsyncOS 9.5 with a link to the actual AsyncOS 9.5 Release
Notes.

4 years agoMerge pull request #106 from 2001db8/ironport_subsection
Aaron Zauner [Sun, 24 May 2015 20:24:58 +0000 (22:24 +0200)]
Merge pull request #106 from 2001db8/ironport_subsection

Cisco ESA/IronPort subsection

4 years agoMerge pull request #109 from rotanid/master
Aaron Zauner [Sun, 24 May 2015 15:13:09 +0000 (17:13 +0200)]
Merge pull request #109 from rotanid/master

correct OpenSSH version number

4 years agocorrect OpenSSH version number
Andreas Ziegler [Fri, 22 May 2015 21:19:38 +0000 (23:19 +0200)]
correct OpenSSH version number

4 years agoMinor changes and screenshots
Jens Roesen [Fri, 22 May 2015 08:57:17 +0000 (10:57 +0200)]
Minor changes and screenshots

- minor changes in the descriptions
- added screenshots for all steps
- added FloatBarrier (see PR #107)

4 years agoMerge pull request #107 from arwarw/floatbarriers
Aaron Zauner [Thu, 14 May 2015 17:08:32 +0000 (19:08 +0200)]
Merge pull request #107 from arwarw/floatbarriers

Constrain figure positions by FloatBarrier

4 years agoMerge pull request #108 from arwarw/kerberos-mit-db-enctype-upgrade
Aaron Zauner [Thu, 14 May 2015 17:08:14 +0000 (19:08 +0200)]
Merge pull request #108 from arwarw/kerberos-mit-db-enctype-upgrade

Kerberos: How to switch an existing database to a new enctype

4 years agoKerberos: How to switch an existing database to a new enctype
Alexander Wuerstlein [Wed, 13 May 2015 14:28:42 +0000 (16:28 +0200)]
Kerberos: How to switch an existing database to a new enctype

4 years agoadd \FloatBarrier to constrain screenshot figures to their respective sections
Alexander Wuerstlein [Wed, 13 May 2015 14:48:13 +0000 (16:48 +0200)]
add \FloatBarrier to constrain screenshot figures to their respective sections

4 years agospell fix - s/stampling/stapling/
Aaron Zauner [Sat, 9 May 2015 19:14:49 +0000 (21:14 +0200)]
spell fix - s/stampling/stapling/

4 years agoMerge pull request #105 from schue30/master
Aaron Zauner [Sat, 9 May 2015 19:10:32 +0000 (21:10 +0200)]
Merge pull request #105 from schue30/master

Add HAProxy configuration

4 years agoMinor edits... again
Jens Roesen [Sat, 9 May 2015 17:15:44 +0000 (19:15 +0200)]
Minor edits... again

4 years agoAdd OCSP stapling, HPKP and NPN.
Mathias Schüpany [Sat, 9 May 2015 16:14:51 +0000 (18:14 +0200)]
Add OCSP stapling, HPKP and NPN.

4 years agoMinor changes
Jens Roesen [Sat, 9 May 2015 15:24:06 +0000 (17:24 +0200)]
Minor changes

4 years agoMinor edits
Jens Roesen [Sat, 9 May 2015 15:08:22 +0000 (17:08 +0200)]
Minor edits

4 years agoAdded name to acknowledgements
Jens Roesen [Sat, 9 May 2015 14:45:06 +0000 (16:45 +0200)]
Added name to acknowledgements

4 years agoAdded IronPort Subsection
Jens Roesen [Sat, 9 May 2015 14:42:45 +0000 (16:42 +0200)]
Added IronPort Subsection

4 years agoMerge branch 'master' of github.com:BetterCrypto/Applied-Crypto-Hardening
Aaron Kaplan [Fri, 8 May 2015 18:07:48 +0000 (20:07 +0200)]
Merge branch 'master' of github.com:BetterCrypto/Applied-Crypto-Hardening

4 years agominor corrections
Aaron Kaplan [Fri, 8 May 2015 18:06:50 +0000 (20:06 +0200)]
minor corrections

4 years agoadd HAProxy configuration
Mathias Schuepany [Fri, 8 May 2015 17:05:06 +0000 (19:05 +0200)]
add HAProxy configuration

4 years agofix latex build (escape underscores in \emph)
Adi Kriegisch [Sun, 3 May 2015 11:07:05 +0000 (13:07 +0200)]
fix latex build (escape underscores in \emph)

4 years agoMerge pull request #100 from FireFart/changes
Aaron Zauner [Thu, 9 Apr 2015 07:41:12 +0000 (09:41 +0200)]
Merge pull request #100 from FireFart/changes

remove $host variable, add some tested versions

4 years agoMerge pull request #101 from sebix/tested-on-trusty
Aaron Zauner [Tue, 7 Apr 2015 09:47:45 +0000 (11:47 +0200)]
Merge pull request #101 from sebix/tested-on-trusty

tested exim, postfix, dovecot and lighttpd with ubuntu 14.04

4 years agoMerge pull request #103 from sebix/uncovered-sw
Aaron Zauner [Tue, 7 Apr 2015 09:47:04 +0000 (11:47 +0200)]
Merge pull request #103 from sebix/uncovered-sw

Uncovered software and more for further research