| last update: 2017-08-13

IT-Security Resources

very useful:

in german


  • USA
    • Defcon
    • Blackhat
    • RSA Conference
  • Germany
    • Chaos Communication Congress
    • Sigint

IT-Security 101: Best Practices

absolute basics

Perfect security of IT systems is illusory. Even government systems and big corporations get hacked. Yet there are some basic measures and rules that turn an easy prey for script kiddies into a reasonably secure system.

  • Staying up to date
    Certainly one should keep software updated to the latest patch level. Besides that, one should also keep track of new threats to the IT infrastructure.
  • Antivirus software
    Although antivirus software is quite ineffective against new or tailored attacks, it helps to block known attacks.
    VirusTotal is a subsidiary of Google. This service analyzes files and URLs with many antivirus engines to identify viruses, worms, trojans and other kinds of malicious software. It is possible to upload files with a maximum size of 64 megabytes. The service calculates a cryptographic hash of the file before uploading it to avoid multiple uploads of the same file. If the file has been checked before, one can rerun the test without uploading it again. Note that uploaded files are shared with the participating antivirus vendors, so do not upload confidential documents; check the hash first instead.
  • Avoiding linked accounts / No password reuse
    Many websites force their users to use "secure" passwords that are long and contain special characters and numbers. This helps against brute-force password guessing, but people now tend to use the same password on many sites. If one of those sites gets hacked, the attacker may gain access to the clear-text password or a weak hash of it. At that moment the other accounts of this person are easy prey, as the attacker can use automated tools to try the captured passwords against other sites within seconds (credential stuffing).
    Admittedly not every site needs a unique password. However, everything linked with cash and payment should in any case have strong and unique passwords. If attackers gain access to an email account, they also receive the password reset emails of every account registered with it. This email address should therefore have a unique password too, as otherwise the attacker avoids cracking other accounts by simply resetting their passwords.
    If possible, two-factor authentication should be used to protect accounts that handle money or purchases and the mail account that handles password resets of other accounts!
    Another problem is that some accounts control access to too many aspects of people's lives. The journalist Mat Honan had to cope with massive data loss when (among others) his Google account and Apple ID were taken over. His case illustrates the risks.
  • Using encrypted connections
    The best passphrase is useless if transmitted unencrypted over a public network. So use TLS-encrypted connections (HTTPS, IMAPS and the like) whenever possible, and do not click through certificate warnings.
  • Backup
    Basic requirements:
    • off-site
      Data and backup should not be in the same building: it could burn down, or intruders could steal both.
    • encrypted
      All critical data has to be encrypted in case someone gains access to the backup media.
    • tested
      Can the data actually be restored? How durable are the backup media? A backup that has never been restored is not a backup.
    • up to date
      What use is an outdated backup?
    • readable file format
      File backups should be in well-documented and widely used file formats. The development of some applications might cease, or they will not run on a new version of the operating system. There are formats designed for long-term archiving, like PDF/A.

Advanced Topics


[Comic: © xkcd]

Encryption is essential for mobile systems (laptops, phones, USB drives) as they are frequently lost or stolen. Full-disk encryption protects the data at rest, but not while the device is running and unlocked.

Warning: In some countries it is illegal to use encryption software, and in others law enforcement agencies can compel you to decrypt your data or hand over the keys.

Encryption Software

Name                        License      Comment
GNU Privacy Guard / GnuPG   Open Source  File and e-mail encryption (OpenPGP).
TrueCrypt                   Open Source  The developers discontinued TrueCrypt in May 2014 and warned that it may contain unfixed security issues.
RSA                         commercial   RSA Security is a division of EMC Corporation (part of Dell Technologies since 2016), headquartered in the United States.
Utimaco                     commercial
BitLocker                   commercial   Integrated into certain editions of Microsoft Windows. Easy to use.

Intrusion Detection

Snort is a common network Intrusion Detection System (IDS): it matches traffic against signature rules and raises alerts on hits. Wireshark is the classic tool to capture and analyze network traffic in detail, e.g. when investigating a suspected intrusion.

rsyslog collects system logs and can forward them to a central log server, which is the basis for spotting intrusions in logs and keeps the logs out of reach of an attacker on the compromised host. Further reading: in german

Database-Security 101

  • Input Sanitization & Prepared Statements
    To avoid SQL injection: never build SQL by concatenating user input into the query string; pass values as bound parameters of a prepared statement so they are never parsed as SQL.
  • Access Control
    Use SQL commands like GRANT and REVOKE to tailor user permissions. The account the application connects with should get only the privileges it needs (least privilege), never the DBA role.
  • Backups
  • Encryption and salted hashes
    Encrypt sensitive data at rest. Store passwords only as salted hashes produced by a slow, purpose-built password hashing function (e.g. PBKDF2, bcrypt, scrypt or Argon2), never in clear text and never as a bare fast hash like MD5 or SHA-1.
  • Reducing data
    Needless data should be deleted. This saves backup capacity, speeds up searches and, in case of a security breach, less data is exposed.
  • Database Activity Monitoring and Audit-Logs
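The first and fourth points above in working code, as an added example that is not part of the original page: an in-memory SQLite table of users, a lookup built by string formatting that a classic `' OR '1'='1` payload turns into "return everyone", the same lookup with a bound parameter that treats the payload as a plain string, and password storage with a random per-user salt and PBKDF2 verified in constant time. The table layout, user names, passwords and the work factor `PBKDF2_ROUNDS` are constructed for the demonstration.

```python
import hashlib
import hmac
import os
import sqlite3

PBKDF2_ROUNDS = 100_000  # assumed work factor; raise it as far as your login latency budget allows


def make_db() -> sqlite3.Connection:
    """Constructed in-memory database with one users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, salt BLOB NOT NULL, pw_hash BLOB NOT NULL)")
    return conn


def hash_password(password: str, salt: bytes) -> bytes:
    """Slow salted hash; the salt makes precomputed tables useless across users."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def add_user(conn: sqlite3.Connection, name: str, password: str) -> None:
    salt = os.urandom(16)  # fresh random salt for every user
    conn.execute("INSERT INTO users (name, salt, pw_hash) VALUES (?, ?, ?)",
                 (name, salt, hash_password(password, salt)))
    conn.commit()


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> list:
    """DON'T: user input is spliced into the SQL text and becomes part of the grammar."""
    query = "SELECT name FROM users WHERE name = '%s'" % name
    return sorted(row[0] for row in conn.execute(query))


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """DO: the value travels as a bound parameter and is never parsed as SQL."""
    return sorted(row[0] for row in conn.execute("SELECT name FROM users WHERE name = ?", (name,)))


def verify_login(conn: sqlite3.Connection, name: str, password: str) -> bool:
    row = conn.execute("SELECT salt, pw_hash FROM users WHERE name = ?", (name,)).fetchone()
    if row is None:
        return False
    salt, stored = row
    # compare_digest avoids leaking how many leading bytes matched through timing
    return hmac.compare_digest(hash_password(password, bytes(salt)), bytes(stored))


def demo() -> dict:
    conn = make_db()
    add_user(conn, "alice", "correct horse battery staple")
    add_user(conn, "bob", "hunter2")
    payload = "x' OR '1'='1"  # classic injection string, constructed for the demo
    return {
        "vulnerable": lookup_vulnerable(conn, payload),   # every user leaks
        "safe": lookup_safe(conn, payload),               # no user has that literal name
        "alice_ok": verify_login(conn, "alice", "correct horse battery staple"),
        "alice_wrong": verify_login(conn, "alice", "hunter2"),
        "unknown_user": verify_login(conn, "mallory", "anything"),
    }


if __name__ == "__main__":
    print(demo())
```

Note that the safe lookup does not "sanitize" anything: the placeholder keeps data and code apart at the driver level, which is why prepared statements are preferable to escaping. Also note that even the safe variant stores nothing that lets the password be recovered; a database dump yields only salts and slow hashes.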