From 2f30221da385e4bae81d6e13caf79733a078ccc7 Mon Sep 17 00:00:00 2001 From: fram3d Date: Mon, 3 Jul 2023 00:03:51 +0200 Subject: [PATCH] add dns,passwords,random --- slides/dns/dns.md | 54 +++++++++++++++++++++++++++++++++++ slides/passwords/passwords.md | 29 +++++++++++++++++++ slides/random/random.md | 15 ++++++++++ 3 files changed, 98 insertions(+) create mode 100644 slides/dns/dns.md create mode 100644 slides/passwords/passwords.md create mode 100644 slides/random/random.md diff --git a/slides/dns/dns.md b/slides/dns/dns.md new file mode 100644 index 0000000..e6aefe5 --- /dev/null +++ b/slides/dns/dns.md @@ -0,0 +1,54 @@ +# DNS + +# Internet + +- Potrebna je IP adresa (teske za pamcenje, menjaju se) + +- Domeni su citljivi i lako pamptljivi + +- Jedan domen moze da pokazuje na vise IP adresa + +- Dodatne informacije o sajtu/servisu + +# Domeni + +- Par servera sadrzi listu top level domena (com,org,rs,...) + +- Kompanije/organizacije/institucije kontrolisu TLD + +- Domeni mogu imati mnogo subdomena (www.dmz.rs, forum.dmz.rs) + +- Domain registri zakupljuju domene na racun korisnika + +- Svaki subdomen moze imati vise i bilo koju vrstu recorda + +# Uloge + +- Klijent, resolver, name server + +- Klijent moze da trazi IP adresu od resolvera + +- Resolver trazi odgovorni name server za taj domen (rs, dmz.rs, www.dmz.rs) + +- Time to live (TTL) bira nameserver + +- Klijenti koriste vise resolvera, resolveri vise name servera + +- Primary i secondary resolver + +- Master i slave name serveri + +# Vrste zapisa/rekorda + +- A rekord (IPv4 adresa) + +- AAAA (IPv6 adresa) + +- CNAME (drugi/alternativni domen) + +- NS (nameserveri odgovorni za domen) + +- MX (domen/IP email servera) + +- TXT (tekst) + diff --git a/slides/passwords/passwords.md b/slides/passwords/passwords.md new file mode 100644 index 0000000..8c34444 --- /dev/null +++ b/slides/passwords/passwords.md @@ -0,0 +1,29 @@ +# Passwords + +# User + +- different services have different password requirements (special chars, lenghts) +- entropy vs specific rules +- passphrases (easy to remember) +- generating random passwords (humans are bad at random) +- password manager (forgetting passwords): KeePass (also generates passwords) + 1 Master password (needs to be remmebered/written down on physically secure medium) + unlimited number of passwords encrypted with the master password + KeePass requries a login to add a new password + KeePass clears clipboard few seconds after copying the password + some passwords managers are online, which adds risk +- backups are important (passwords more likely to get lost than hacked) +- its good to change passwords reguraly, but it is less important than other good practices + +# Programmer + +- storing user passwords adds risks of hacker gaining a lot of passwords at once +- hash functions create unique data corresponding to each user password from which it can't be directly determined what the password was, but it can be checked if a specifc password hashes to that value +- salted hashes are hash values that are stored with additional data which is added to the password before hashing it, makes each hash value unique, even if two passwords are the same + +# Hacker + +- if the hash function is difficult to calculate for a specific password, it is more secure, since attackers need to spend more resources to check if a specificv password hashes to needed data +- MD5 is too easy to calculate, so a hacker can calculate hash values of many different passwords and check if some of them are same as users hash +- hashcat + diff --git a/slides/random/random.md b/slides/random/random.md new file mode 100644 index 0000000..723c302 --- /dev/null +++ b/slides/random/random.md @@ -0,0 +1,15 @@ +# Random + +# Uses + +- games + +- cryptography + +# Unprdictability + +- Unsafe randoms can be predicted (shouldn't be used in cryptography) + +- Entropy gathering (some OS don't wait on boot to gether entropy, many routers hacked this way) + +- /dev/random is not more secure than /dev/urandom (used to be the case)