#security (2024-02)
Archive: https://archive.sweetops.com/security/
2024-02-06
![Juan Soto avatar](https://secure.gravatar.com/avatar/3c30922a633050dffff14a25f97f4f78.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0002-72.png)
Hey everyone! Given that 3DES ciphers are susceptible to SWEET32 attacks, I’m on a mission to secure our CloudFront domains. However, I’ve hit a snag: the most up-to-date security policy I can apply is TLSv1.2, which, to my surprise, still supports 3DES. Does anyone know if there’s a method to exclude 3DES ciphers from CloudFront? Alternatively, is there a way to customize the security policy manually? Appreciate any insights or guidance!
![venkata.mutyala avatar](https://avatars.slack-edge.com/2022-01-10/2935964026964_e3525ee61170d7dc3198_72.png)
...with this feature, you can select the security policy that enforces TLS version 1.1 and weak ciphers such as RC4 and 3DES will automatically be excluded...
![venkata.mutyala avatar](https://avatars.slack-edge.com/2022-01-10/2935964026964_e3525ee61170d7dc3198_72.png)
^ Hope it helps.
2024-02-07
2024-02-12
![gyoza avatar](https://secure.gravatar.com/avatar/97c46623059ee926fefd80cea5d89a7b.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0000-72.png)
yoo anybody know any good alternative to Weaveworks Ignite Firecracker vm – that has docker images lol (Weaveworks is shutting down apparently)
![Allan Swanepoel avatar](https://avatars.slack-edge.com/2022-06-24/3739166585152_acef2e16a544a0e63cbd_72.png)
2024-02-13
2024-02-26
![Kamil avatar](https://secure.gravatar.com/avatar/d99e61942bc58a801434568a0ec0cb52.jpg?s=72&d=https%3A%2F%2Fa.slack-edge.com%2Fdf10d%2Fimg%2Favatars%2Fava_0002-72.png)
Hi Everyone! Does anyone know a good alternative to freeipa? Is freeipa the best for managing access to Linux machines?