Tag: tls

In May 1998, Wietse Venema released the first public alpha of a mailer he’d been writing inside IBM Research and originally called…

The myguard OpenSSH 10.3 package rebuilds sshd for production servers: post-quantum key exchange, AEAD-only ciphers, an AppArmor profile, a fail2ban jail, monthly moduli regeneration, three switchable sshd flavours (default / gssapi / minimal), and compiler hardening beyond Debian’s default. Includes a 2026 SSH key-generation walkthrough and a stack of server-hardening tips.

BREACH is a compression side-channel attack that can leak CSRF tokens and other secrets over HTTPS. Here is how the BREACH attack works, why padding is weak protection, and how to prevent it properly.

A complete Postfix + Dovecot + Rspamd mail server on Debian 12 and 13 — with TLS, DKIM, SPF, DMARC, spam filtering, virtual mailboxes, security hardening, and a 10/10 score on mail-tester.com. No shortcuts.

HTTP/3 runs on QUIC over UDP, eliminating TCP head-of-line blocking and enabling 0-RTT connection resumption. This guide covers installation, configuration, 0-RTT security, load balancer setup, and performance tuning.

We just upgraded our openssl-nginx package from OpenSSL 3.x to OpenSSL 4.0. This guide explains what openssl-nginx is, what changed in version 4.0, the real pros and cons of upgrading, and how to do it safely on your Debian or Ubuntu server.

Your server’s system OpenSSL juggles SSH, apt, Python, and your web server all at once. openssl-nginx says no to that. Here’s the dedicated OpenSSL built exclusively for NGINX and Angie — faster handshakes, post-quantum crypto, kernel TLS offload, zero legacy bloat.