====== Netzwerksicherheit ======

“Security is like adding brakes to cars.
The purpose of brakes is not to stop you:
it’s to enable you to go fast!”
--- Gene Spafford

==== Bausteine - Krypto & Konzepte ====

  * [[sec:Authentisierung|Authentisierung]]
  * [[sec:hash|Hash-Funktionen]]
  * [[sec:RSA|RSA]]
  * [[sec:ECC|Elliptische Kurven]]
  * [[sec:modes-of-operation|Betriebsarten von Blockchiffren]]
  * [[sec:passwords|Passwörter]]
  * [[sec:quanten|Quantenkryptographie]]
  * [[sec:random_numbers|Zufallszahlen - Random Numbers]]

  * [[sec:history|Geschichte der Kryptographie]]

==== Protokolle und Anwendungen ====

  * [[sec:TLS|SSL/TLS (Transport Layer Security)]]
  * [[sec:ssh|SSH (Secure Shell)]]
  * [[sec:dnssec|DNSSEC]]
  * [[sec:Firewalls|Firewalls]]
  * [[sec:Blockchain|Blockchain]]
  * [[sec:WebSecurity|Web Security]]
  * [[sec:wlan|WLAN-Security]]

==== Angriffe ====

=== DDoS ===

**2022:**
  * https://blog.cloudflare.com/ddos-attack-trends-for-2022-q1/
  * https://blog.cloudflare.com/26m-rps-ddos/ -- Mantis Botnet
  * [[https://cloud.google.com/blog/products/identity-security/how-google-cloud-blocked-largest-layer-7-ddos-attack-at-46-million-rps?hl=en | Google Meris Botnet - HTTP Pipelining]]
    * https://portswigger.net/daily-swig/meris-botnet-leverages-http-pipelining-to-smash-ddos-attack-records
**2023**
  * [[https://www.spiegel.de/netzwelt/web/ddos-attacken-amazon-google-und-cloudflare-melden-bisher-groesste-ueberlastungsangriffe-a-64bc6170-637b-463b-80d3-c74ccebb1ee8| Spiegel-Online: bislang größter DDoS Angriff]]
  * [[https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps?hl=en|Google mitigated the largest DDoS attack to date, peaking above 398 million rps]]
  * [[https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack?hl=en|How it works: The novel HTTP/2 ‘Rapid Reset’ DDoS attack]]

==== Tools & Blogs ====


  * [[sec:Krebs|Krebs on Security]]
  * [[sec:osint|OSINT Tools]]
  * [[sec:wtf|'WTF' this is bad]]
  * [[sec:downloads|Downloads]]
  * [[https://www.hackthebox.com/hacker/pricing|Hack the Box]]

  * [[https://www.privacyaffairs.com/dark-web-price-index-2020/|Dark Web Price Index 2020]]\\
  * [[http://wiki.crypto.rub.de/Buch/en/movies.php|Online-Kurs der Ruhr University Bochum]]\\
  * [[https://www.heise.de/developer/artikel/CogniCrypt-Kryptografie-richtig-nutzen-4211551.html?seite=all|Heise.de: CogniCrypt-Kryptografie richtig nutzen]]\\
  * [[https://www.heise.de/developer/artikel/Was-man-ueber-Kryptografie-wissen-sollte-5001908.html]]\\
  * https://www.heise.de/developer/artikel/Verschluesseln-mit-elliptischen-Kurven-5026753.html