Two More Useful Posts from Ivan Ristić
Ivan Ristić posted a couple of articles earlier this month that will be really useful for security professionals and systems administrators.
The first is titled "Defending against the BREACH attack", which provides background and mitigation instructions for protecting against this new attack.
The second is titled "Increasing DHE strength on Apache 2.4.x", which describes a problem (as well as a solution) that occurs when using a default compile of the Apache web server and OpenSSL and when one is looking to use Diffie-Hellman parameters stronger than 1024 bits in conjunction with ciphers supporting Forward Secrecy.