Jump to: navigation, search

Security and Privacy

Revision as of 15:24, 20 April 2015 by Daknob (Talk | contribs)

Security and Privacy

This page discusses the security mechanisms and the configurations we use to prevent malicious attacks. Note that the information here will be limited to prevent exposing possible vulnerabilities.

Intrusion Prevention Mechanisms

We use:

To Do

Encryption

TODO: use some short of encryption for the content of our users.

Configurations

TODO

  • Use non-default ports for ssh / imap? / ...
  • Block remote root login
  • Only allow ssh login using Private Keys
  • Renew (rotate) server ssh keys and use ECDHA/ECDSA
  • Automated security updates without human intervention