The DNS system is broken. The sorry state of DNS security exposes your server and your end users to a variety of risks. Some of those risks are preventable.
TLS 1.3 and post-quantum cryptography are subjects of much debate. Upgrade or wait—this is the big question facing administrators and users alike.
There are quite a few reasons to jump onto the TLS 1.3 bandwagon immediately, with or without quantum cryptography. Here is why.
In the age of cyber warfare, being paranoid is the only reasonable attitude and that means, among other things, being paranoid about software updates.
If you launch an instance from the official CentOS or RHEL 7.x AMI on AWS, you will be running kernel 3.1 as of this writing. That’s not a good idea. You can easily take advantage of improved security features of newer kernels that are already available in a stable release. The renowned Linux kernel maintainer Greg Kroah-Hartman released the Linux Kernel 4.14.15, which includes important fixes for Spectre & Meltdown. Here is how to update your Linux kernel from 3.1 to 4.16.11 in place.
[Updated 2018-06-11.] You can assign multiple IP addresses to an EC 2 instance. Here is a brief summary that will get you started on using the most recent AWS capabilities.