« July 2013 | Main | September 2013 »

1 posts from August 2013

08/17/2013

Two More Useful Posts from Ivan Ristić

Ivan Ristić posted a couple of articles earlier this month that will be really useful for security professionals and systems administrators.

The first is titled "Defending against the BREACH attack", which provides background and mitigation instructions for protecting against this new attack.

The second is titled "Increasing DHE strength on Apache 2.4.x", which describes a problem (as well as a solution) that occurs when using a default compile of the Apache web server and OpenSSL and when one is looking to use Diffie-Hellman parameters stronger than 1024 bits in conjunction with ciphers supporting Forward Secrecy.