Documentation February 2014

documentation@lists.ipfire.org

6 participants
2 discussions

Should this be included in the wiki?
by R. W. Rodolico 17 Feb '14

17 Feb '14

I ran into a problem with a client running an IPFire firewall, where they had employees using teamviewer.com to access their workstations after hours, effectively bypassing the security of the router. I came up with a solution. Possibly not the best one as it requires building a separate name server, but it at least works. I wrote a "How To" on one of my sites, but if you think it would be useful, let me know where I should put it. http://wiki.linuxservertech.com/index.php?action=artikel&cat=5&id=198 Feel free to tell me there are better ways to do it or there are better uses of the web site. Rod -- R. W. "Rod" Rodolico Daily Data, Inc. POB 140465 Dallas TX 75214-0465 http://www.dailydata.net 214.827.2170

3 4

Cryptography
by Michael Tremer 09 Feb '14

09 Feb '14

Hello list, since Snowden, there is a lot going on about cryptography as he said that nothing else will help against mass surveillance than strong cryptography. IPFire provides a lot of services that use (strong) cryptography like the VPN services OpenVPN and strongswan and some others like tor. We can do a lot so that users are able to use these services in the most secure manner, but I think with that comes is still some education about the DOs and DON'Ts needed. So I was thinking that it would be nice to create a section on our wiki about cryptography and to aggregate all information that is important to know at one spot. We can refer to the content from the OpenVPN and IPsec pages for example to suggest which cipher is best to use. I created some pages about hardware random number generators and hardware crypto processors that are commonly used and supported by IPFire. Additionally to that, I can image to add things like these: * Briefly(!) explain the algorithms there are and point out advantages and disadvantages. Of course can never give advice to use exactly this algorithm, but we can say which are considered unsafe to use. * Provide best practices to protect keys, etc. Explain what attacks are possible so that people can prepare for them. I don't want to this to be a huge part of the documentation and this is probably documented somewhere else very well, but I would like to have the basics in our wiki. Detailed explanations should be referenced and not copied. This is all to see over here: http://wiki.ipfire.org/en/cryptography/start Of course I would like to hear your opinions (if there is anybody out there)! -Michael

4 6

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Documentation February 2014