๐ก๏ธ
Security Protocols Cheat Sheet
SSL/TLS versions, IPsec, SSH, and VPN protocols
| Protocol | Year | Status | Port | Use Case | Notes |
|---|---|---|---|---|---|
| SSL 2.0 | 1995 | Deprecated | 443 | Legacy HTTPS (insecure) | Vulnerable, never use |
| SSL 3.0 | 1996 | Deprecated | 443 | Legacy HTTPS (insecure) | POODLE vulnerability |
| TLS 1.0 | 1999 | Deprecated | 443 | Legacy web encryption | BEAST vulnerability, avoid |
| TLS 1.1 | 2006 | Deprecated | 443 | Transitional | No longer considered secure |
| TLS 1.2 | 2008 | Active | 443 | Standard web encryption | Widely supported, secure |
| TLS 1.3 | 2018 | Recommended | 443 | Modern web encryption | Fastest, most secure, 1-RTT |
| IPsec | 1995 | Active | 500/4500 | VPN tunnels, site-to-site | AH (auth) + ESP (encrypt) |
| IKEv1 | 1998 | Legacy | 500 | IPsec key exchange | Replaced by IKEv2 |
| IKEv2 | 2005 | Active | 500/4500 | IPsec key exchange | Faster, NAT traversal |
| SSH | 1995 | Active | 22 | Secure remote access | Replaces Telnet |
| SFTP | 1997 | Active | 22 | Secure file transfer | Runs over SSH tunnel |
| FTPS | 1996 | Active | 990 | FTP over TLS | Implicit (990) or Explicit (21) |
| HTTPS | 1994 | Active | 443 | Secure web browsing | HTTP + TLS encryption |
| LDAPS | 1997 | Active | 636 | Secure directory access | LDAP over SSL/TLS |
| SNMPv3 | 2002 | Active | 161/162 | Secure network management | Auth + encryption, use this |
| DNSSEC | 2005 | Active | 53 | DNS integrity verification | Prevents DNS spoofing |
| DoH | 2018 | Active | 443 | DNS over HTTPS | Privacy-focused DNS |
| DoT | 2016 | Active | 853 | DNS over TLS | Encrypted DNS queries |
| WireGuard | 2020 | Active | 51820 | Modern VPN protocol | Fast, minimal code |
| OpenVPN | 2001 | Active | 1194 | VPN tunneling | Flexible, widely used |
โ ๏ธ Deprecated Protocols
SSL 2.0, SSL 3.0, TLS 1.0, and TLS 1.1 are all deprecated. Use TLS 1.2 minimum, prefer TLS 1.3.