BoomMicrophone/nixpkgs-suyu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
nixpkgs-suyu/modules/services/networking
History
Peter Simons 0afcc637d7 Add support for opportunistic TCP encryption. 
Set "networking.tcpcrypt.enable = true;" to enable opportunistic TCP encryption
based on the user-space tools available from <http://tcpcrypt.org>.

Network attackers come in two varieties: passive and active (man-in-the-middle).
Passive attacks are much simpler to execute because they just require listening
on the network. Active attacks are much harder as they require listening and
modifying network traffic, often requiring very precise timing that can make
some attacks impractical.

Opportunistic encryption cannot protect against active attackers, but it *does*
protect against passive attackers. Furthermore, Tcpcrypt is powerful enough to
stop active attacks, too, if the application using it performs authentication.

A complete description of the protocol extension can be found at
<http://tools.ietf.org/html/draft-bittau-tcp-crypt-00>.
2013-09-10 23:32:55 +02:00
..
ircd-hybrid Add several missing uids and gids to modules/misc/ids.nix 2013-08-23 11:37:17 +02:00
ssh sshd: Support multiple host keys 2013-08-24 01:01:10 +02:00
amuled.nix Add some more missing uids/gids 2013-08-26 15:20:25 +02:00
avahi-daemon.nix avahi: Never set host-name' to the empty string in avahi-daemon.conf'. 2012-09-07 10:58:53 +02:00
bind.nix Use a dedicated user ('named') for BIND instead of running the daemon as super user. 2012-07-27 00:08:41 +02:00
bitlbee.nix Bitlbee: create homedir; do not use /etc/bitlbee.conf 2013-04-02 00:08:17 +02:00
chrony.nix chrony: properly set rtconutc option, and add a few more options 2013-05-23 03:00:09 +00:00
cntlm.nix * Don't include the hostname in option default values. Default values 2012-06-08 14:29:31 +00:00
ddclient.nix * Use boot.kernelModules everywhere instead of explicit calls to 2012-03-17 17:26:17 +00:00
dhclient.nix * Revert r33928: veth* can also be a bridged interface requiring dhcp. 2012-04-30 17:46:11 +00:00
dhcpcd.nix Fix typos, especially those that end up in the NixOS manual 2013-08-10 21:07:13 +00:00
dhcpd.nix * Change all the startOn / stopOn attributes to the Upstart 0.6 syntax 2009-11-06 22:19:17 +00:00
dnsmasq.nix dnsmasq: Add extraConfig option 2012-11-12 18:16:04 +01:00
ejabberd.nix ejabberd: tabs->spaces, remove trailing whitespace 2011-02-16 21:03:14 +00:00
firewall.nix firewall.nix: Less verbosity 2013-09-10 15:17:52 +02:00
flashpolicyd.nix * Add a module for a Flash policy server. 2011-09-15 15:13:46 +00:00
freenet.nix Add several missing uids and gids to modules/misc/ids.nix 2013-08-23 11:37:17 +02:00
git-daemon.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
gnunet.nix Add some more missing uids/gids 2013-08-26 15:20:25 +02:00
gogoclient.nix Rename ‘boot.systemd’ to ‘systemd’ 2013-01-16 12:33:18 +01:00
gvpe.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
hostapd.nix add wantedBy network.target so that hostapd starts by default 2013-04-12 23:25:32 -07:00
ifplugd.nix * Fix incorrect default value. 2012-02-20 16:53:44 +00:00
iodined.nix Add iodined, ip over dns daemon 2013-08-05 01:20:55 +02:00
minidlna.nix minidlna: Start after networking.target. 2013-08-27 20:51:34 +02:00
nat.nix Backward compatibility hack for ‘networking.nat.internalIPs’ 2012-10-16 11:28:30 -04:00
networkmanager.nix networkmanager: Add option for appending DNS settings 2013-08-20 13:36:01 +02:00
ntpd.nix Add chrony service 2013-05-23 02:07:49 +00:00
oidentd.nix Add some more missing uids/gids 2013-08-26 15:20:25 +02:00
openfire.nix renamed "all-interfaces" to "networking" 2012-03-04 18:44:42 +00:00
openvpn.nix openvpn: fix type error 2013-06-04 07:45:58 +02:00
portmap.nix * Provide two utility functions in Upstart jobs: "ensure JOBNAME" 2012-03-17 19:12:33 +00:00
prayer.nix Fix prayer so it does not start a server at port 80. 2012-06-10 14:51:43 +00:00
privoxy.nix * Use boot.kernelModules everywhere instead of explicit calls to 2012-03-17 17:26:17 +00:00
quassel.nix Add some more missing uids/gids 2013-08-26 15:20:25 +02:00
radvd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
rdnssd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
rpcbind.nix Rename ‘boot.systemd’ to ‘systemd’ 2013-01-16 12:33:18 +01:00
sabnzbd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
supybot.nix supybot.service: tidy up 2013-08-04 03:56:01 +02:00
tcpcrypt.nix Add support for opportunistic TCP encryption. 2013-09-10 23:32:55 +02:00
tftpd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
unbound.nix Adding extraConfig to unbound 2011-11-03 18:49:54 +00:00
vsftpd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
wakeonlan.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
websockify.nix default-websockify: Stop when reconfigured (i.e. new ports added/removed) 2013-02-18 11:55:46 -05:00
wicd.nix strip trailing whitespace; no functional change 2011-09-14 18:20:50 +00:00
wpa_supplicant.nix wpa_supplicant: Fix wlan interface detection on Linux 3.4 2013-07-15 13:54:15 +02:00
xinetd.nix replace list by listOf using same style as for attrsOf 2013-03-14 17:09:21 +01:00