During the last few months, the concept of Perfect Forward Secrecy (PFS) was presented in many newspapers and guidelines. This concept is related to the session key generation for SSL/TLS as well as for IPsec tunnels. And even though many of these articles describe the benefit of PFS, I was still missing a picture that shows the main difference between the classical key exchange via RSA and the exchange via Diffie-Hellman with PFS. So, here comes my poster. ;)
Tag Archives: Overview
At a Glance: HTTP Proxy Packets vs. Normal HTTP Packets
I am currently in touch with a few HTTP proxy installations. As every time when troubleshooting network issues, I am looking at Wireshark on the network and trying to understand the different packets.
Here is a short overview of the differences between HTTP requests that are sent directly to the destination and HTTP requests that are sent via a proxy. Wireshark screenshots and a downloadable pcap round things up.
Continue reading At a Glance: HTTP Proxy Packets vs. Normal HTTP Packets
At a Glance: False Positive
I am always struggling with the definition of a “false positive” though it should be easy. Since I love figures that point out the most important facts I drew one concerning the false positive etc. structure. It is based on the example of a malware detection in which an engine decides whether a piece of software is a malware or not. Here it is:
Das Kleine 1×1 der Internet-Sicherheit
Mit diesem Blogeintrag möchte ich die Grundlagen der Computer-/Internet-Sicherheit auflisten, die jeder Benutzer eines PCs und des Internets im Allgemeinen kennen sollte.
Es geht mir nicht um komplizierte Details, sondern um relativ einfach anwendbare Tipps in Bezug auf eine sichere Verwendung des Internets und des heimischen PCs. Jeder User sollte sich zumindest mit den grundlegenden technischen Begebenheiten auseinandergesetzt haben, bevor er mit seinem PC umgeht. Da kommt leider keiner drum herum. Daher hier eine Auflistung der Maßnahmen für eine sichere Nutzung, quasi das Kleine 1×1 der Internet-Sicherheit. Continue reading Das Kleine 1×1 der Internet-Sicherheit
IPv6 Security – An Overview
I wrote a very small summary of my IPv6 Security master thesis which gives an introduction to several IPv6 security issues. People that are interested in IPv6 security are welcome to read this summary prior to study the whole master thesis. In this way, they will get an overview of IPv6 security issues before they are flooded with too many details. ;) I wrote this article for the RIPE Labs (published here), but since it gives a good overview about my thesis, I publish it here, too.