Encrypt your connections (and do it right)

Posted on Sun 31 December 2017 in how-to

After a few amazing days at the #34c3 in Leipzig, with dozens of talks highlighting various aspects of IT and physical device security, I'd like to share some resources and config examples on how to encrypt your connections.

You may think that there's no need for this. Everyone should be aware that encryption is necessary these days. It helps us keep communication private when it comes to messaging or accessing our bank account. Then again, looking at the censys.io data for the top million websites, only 736k are reachable via HTTPS. Not to mention the websites that offer HTTPS only as an option while providing some kind of login.

This little series will focus on the following topics to make your services on the internet more secure:

  • Choosing proper ciphers
  • Inspection of encryption defaults
  • Tools to verify configurations

All with a few examples. I'll probably cover nginx, OpenSSH, Postfix and Dovecot.

If you have any suggestions for more, just let me know.