add dns,passwords,random

2023-07-03 00:03:51 +02:00 · 2023-07-03 00:03:51 +02:00 · 2f30221da3
commit 2f30221da3
parent 7357bdcca0
3 changed files with 98 additions and 0 deletions
--- a/slides/dns/dns.md
+++ b/slides/dns/dns.md
@ -0,0 +1,54 @@
 # DNS
 # Internet
 - Potrebna je IP adresa (teske za pamcenje, menjaju se)
 - Domeni su citljivi i lako pamptljivi
 - Jedan domen moze da pokazuje na vise IP adresa
 - Dodatne informacije o sajtu/servisu
 # Domeni
 - Par servera sadrzi listu top level domena (com,org,rs,...)
 - Kompanije/organizacije/institucije kontrolisu TLD
 - Domeni mogu imati mnogo subdomena (www.dmz.rs, forum.dmz.rs)
 - Domain registri zakupljuju domene na racun korisnika
 - Svaki subdomen moze imati vise i bilo koju vrstu recorda
 # Uloge
 - Klijent, resolver, name server
 - Klijent moze da trazi IP adresu od resolvera
 - Resolver trazi odgovorni name server za taj domen (rs, dmz.rs, www.dmz.rs)
 - Time to live (TTL) bira nameserver
 - Klijenti koriste vise resolvera, resolveri vise name servera
 - Primary i secondary resolver
 - Master i slave name serveri
 # Vrste zapisa/rekorda
 - A rekord (IPv4 adresa)
 - AAAA (IPv6 adresa)
 - CNAME (drugi/alternativni domen)
 - NS (nameserveri odgovorni za domen)
 - MX (domen/IP email servera)
 - TXT (tekst)
--- a/slides/passwords/passwords.md
+++ b/slides/passwords/passwords.md
@ -0,0 +1,29 @@
 # Passwords
 # User
 - different services have different password requirements (special chars, lenghts)
 - entropy vs specific rules
 - passphrases (easy to remember)
 - generating random passwords (humans are bad at random)
 - password manager (forgetting passwords): KeePass (also generates passwords)
  1 Master password (needs to be remmebered/written down on physically secure medium)
  unlimited number of passwords encrypted with the master password
  KeePass requries a login to add a new password
  KeePass clears clipboard few seconds after copying the password
  some passwords managers are online, which adds risk
 - backups are important (passwords more likely to get lost than hacked)
 - its good to change passwords reguraly, but it is less important than other good practices
 # Programmer
 - storing user passwords adds risks of hacker gaining a lot of passwords at once
 - hash functions create unique data corresponding to each user password from which it can't be directly determined what the password was, but it can be checked if a specifc password hashes to that value
 - salted hashes are hash values that are stored with additional data which is added to the password before hashing it, makes each hash value unique, even if two passwords are the same
 # Hacker
 - if the hash function is difficult to calculate for a specific password, it is more secure, since attackers need to spend more resources to check if a specificv password hashes to needed data
 - MD5 is too easy to calculate, so a hacker can calculate hash values of many different passwords and check if some of them are same as users hash
 - hashcat
--- a/slides/random/random.md
+++ b/slides/random/random.md
@ -0,0 +1,15 @@
 # Random
 # Uses
 - games
 - cryptography
 # Unprdictability
 - Unsafe randoms can be predicted (shouldn't be used in cryptography)
 - Entropy gathering (some OS don't wait on boot to gether entropy, many routers hacked this way)
 - /dev/random is not more secure than /dev/urandom (used to be the case)