Jump to: navigation, search

Difference between revisions of "Security and Privacy"

Difference between revisions of "Security and Privacy"

m (Zakkak moved page Security & Privacy to Security and Privacy without leaving a redirect: replace & with and)
(Small config update)
Line 16: Line 16:
 
== Configurations ==
 
== Configurations ==
  
TODO (i.e. use of non-default ports, block of remote root login etc.)
+
TODO  
 +
* Use non-default ports for ssh / imap? / ...
 +
* Block remote root login
 +
* Only allow ssh login using Private Keys
 +
* Renew (rotate) server ssh keys and use ECDHA/ECDSA
 +
* Automated security updates without human intervention

Revision as of 15:24, 20 April 2015

This page discusses the security mechanisms and the configurations we use to prevent malicious attacks. Note that the information here will be limited to prevent exposing possible vulnerabilities.

Intrusion Prevention Mechanisms

We use:

To Do

Encryption

TODO: use some short of encryption for the content of our users.

Configurations

TODO

  • Use non-default ports for ssh / imap? / ...
  • Block remote root login
  • Only allow ssh login using Private Keys
  • Renew (rotate) server ssh keys and use ECDHA/ECDSA
  • Automated security updates without human intervention