Mitigating-Obsolete-TLS
LetsEncrypt-PRTG
Our great sponsors
| Mitigating-Obsolete-TLS | LetsEncrypt-PRTG | |
|---|---|---|
| 4 | 1 | |
| 259 | 19 | |
| - | - | |
| 0.0 | 0.0 | |
| about 3 years ago | over 1 year ago | |
| PowerShell | PowerShell | |
| GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Mitigating-Obsolete-TLS
-
How can I mask my ip?
NSA reading for securing TLS from Obsolete protocols
-
Looking for a method of blocking TLS 1.0 client traffic at the PFSense firewall.
Snort rules from NSA Cybersecurity Directorate: https://github.com/nsacyber/Mitigating-Obsolete-TLS/tree/master/snort
-
Wednesday Links - Edition 2021-01-13
Mitigating Obsolete TLS (2 min read) 🛡️ https://github.com/nsacyber/Mitigating-Obsolete-TLS
- Guidance for mitigating obsolete Transport Layer Security configurations
LetsEncrypt-PRTG
-
I... HATE... CERTIFICATES...
Win-Acme, Certify the Web, PoshACME, and more can do Let’s Encrypt on Windows and IIS. I had to create a post install script for Certify to update the PRTG certificate. Need to update for win-acme as well.
What are some alternatives?
CryptoLyzer - CryptoLyzer is a fast, flexible and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI/.
cfssl - CFSSL: Cloudflare's PKI and TLS toolkit
Suricata - Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
certify - Professional ACME Client for Windows. Certificate Management UI, powered by Let's Encrypt and compatible with all ACME v2 CAs. Download from certifytheweb.com
tlsassistant - An open-source modular framework capable of identifying a wide range of TLS vulnerabilities and assessing compliance with multiple guidelines. Its actionable report can assist the user in correctly and easily fixing their configurations.
easy-rsa - easy-rsa - Simple shell based CA utility
SDKMan - The SDKMAN! Command Line Interface
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
PSTcpIp - This PowerShell module contains functions that faciliate testing network connectivity, TLS/SSL and other network tasks
acme-dns - Limited DNS server with RESTful HTTP API to handle ACME DNS challenges easily and securely.
Windows-Optimize-Harden-Debloat - Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
acme.sh - A pure Unix shell script implementing ACME client protocol