From: 2weiEmu
Date: Wed, 16 Apr 2025 20:17:45 +0000 (+0200)
Subject: addition to CS cheatsheet
X-Git-Url: https://git.saalbach.dev/?a=commitdiff_plain;h=207b35bee54f5da22349faa5156c5ef5ff7ce200;p=research-obsidian.git

addition to CS cheatsheet
---

diff --git a/.obsidian/app.json b/.obsidian/app.json
index dd6a8ed..1735354 100644
--- a/.obsidian/app.json
+++ b/.obsidian/app.json
@@ -6,7 +6,7 @@
 "includeName": true,
 "pageSize": "A4",
 "landscape": false,
- "margin": "0",
+ "margin": "2",
 "downscalePercent": 100
 },
 "promptDelete": false
diff --git a/.obsidian/workspace.json b/.obsidian/workspace.json
index d37f7ae..a23dd30 100644
--- a/.obsidian/workspace.json
+++ b/.obsidian/workspace.json
@@ -13,7 +13,7 @@
 "state": {
 "type": "markdown",
 "state": {
- "file": "People/Ruxi.md",
+ "file": "University/Computer Security/Cheatsheet (extensive, draft).md",
 "mode": "source",
 "source": false,
 "backlinks": true,
@@ -28,7 +28,7 @@
 }
 },
 "icon": "lucide-file",
- "title": "Ruxi"
+ "title": "Cheatsheet (extensive, draft)"
 }
 }
 ]
@@ -54,7 +54,7 @@
 "autoReveal": true
 },
 "icon": "lucide-folder-closed",
- "title": "Files"
+ "title": "File explorer"
 }
 },
 {
@@ -161,10 +161,10 @@
 },
 "left-ribbon": {
 "hiddenItems": {
+ "daily-notes:Open today's note": false,
 "switcher:Open quick switcher": false,
 "graph:Open graph view": false,
 "canvas:Create new canvas": false,
- "daily-notes:Open today's daily note": false,
 "templates:Insert template": false,
 "command-palette:Open command palette": false,
 "excel:Create Excel File": false,
@@ -175,8 +175,10 @@
 },
 "active": "b32655feb9b7d9db",
 "lastOpenFiles": [
+ "Pasted image 20250416221211.png",
+ "Pasted image 20250416221155.png",
 "People/Ruxi.md",
- "University/Computer Security/Cheatsheet (mmm for exam).md",
+ "University/Computer Security/Cheatsheet (extensive, draft).md",
 "University/Human Computer Interaction/Untitled.md",
 "University/Computer Security",
 "University/Human Computer Interaction",
@@ -211,7 +213,6 @@
 "Bundesverfassungsgericht/References on Bundesverfassungsgericht.md",
 "University/Algorithm Design/Resources.md",
 "University/Algorithm Design/Greedy.md",
- "AI/Thoughts on the Ethics of AI.md",
 "People",
 "University/HCI",
 "University/Algorithm Design",
diff --git a/Pasted image 20250416221155.png b/Pasted image 20250416221155.png
new file mode 100644
index 0000000..b6a478a
Binary files /dev/null and b/Pasted image 20250416221155.png differ
diff --git a/Pasted image 20250416221211.png b/Pasted image 20250416221211.png
new file mode 100644
index 0000000..f5f8cc9
Binary files /dev/null and b/Pasted image 20250416221211.png differ
diff --git a/University/Computer Security/Cheatsheet (extensive, draft).md b/University/Computer Security/Cheatsheet (extensive, draft).md
new file mode 100644
index 0000000..fe30654
--- /dev/null
+++ b/University/Computer Security/Cheatsheet (extensive, draft).md
@@ -0,0 +1,159 @@
+# Network Sec.
+## Firewalls
+1. **Packet Filtering Firewall**: Simple firewall that checks packet (semi-) independently.
+2. **Application-Level Firewall**: More complex traffic patterns, allowing finer control (but requires more resources)
+
+Layered Defence:
+ Implement a multi-layered security approach to address different levels of threats.
+
+### Threat vs. Harm
+> Threat = A potential danger that could cause harm
+> Risk = The likelihood that the threat will actually exploit a vulnerability and cause damage
+Risk = Likelihood * Impact
+
+Threat Model:
+ A strategic framework that identifier potential attacks and adversaries
+
+## Types of Threat Actors
+| Threat Actor | Motivation |
+| ---------------- | -------------------- |
+| Cybercriminal | Profit |
+| Nation State | Geopolitical |
+| Terrorist Groups | Ideological Violence |
+| Thrill-Seeker | Satisfaction |
+| Insider Threats | Discontent |
+| Hackers | Variable |
+
+Coordinated Vulnerability Disclosure (CVD):
+ CVD is an ethical practice where security researchers or individuals who discover a vulnerability responsibly report it
+
+Bug Bounties:
+ Ethical hackers hunt for rewards in discovering and report vulnerabilities.
+
+
+### Cyber Kill Chain:
+1. Recon
+2. Weaponisation
+3. Delivery
+4. Exploitation
+5. Installation
+6. Command and Control (C2)
+7. Actions on Objectives
+
+Detecting Criminals can be based on multiple things:
+1. Hash Values
+2. IP Addresses
+3. Domain Names
+4. Network / Host Artifacts
+5. Tools
+6. Tactics, Techniques and Procedures
+
+Defense in Depth: cybersec. strategy that involves deploying multiple layers of security (layered security)
+
+Usable Security: If your security is not very usable this can pose its own security risks.
+
+CIA Triad:
+ The CIA Triad contains the three security essential goals in Cyber Security
+ 1. Confidentiality
+ 2. Integrity
+ 3. Availability
+
+Confidentiality can be achieved with:
+- Encryption
+- Access Control Systems
+- Policies an Governance
+
+Integrity with:
+- Data validation
+- Change Management and Version Control
+
+Availability:
+- Redundancy and failover
+- Load balancing
+- Monitoring and alerting
+
+# Physical Layer
+This includes: Servers, Cabling, Storage Devices, Network Equipment, Acess Points and Entry doors. You need to limit this kind of access, otherwise even the most secure system is vulnerable.
+
+Access control:
+ Only the people that should have authorised access, should be able to go there.
+
+Types of Access Control:
+- Physical Barriers
+- Authentication Systems
+- Surveillance & Monitoring
+- Visitor Management
+
+Cables can be tapped.
+This can be detected, either with phyiscal inspection, signal strength analysis and cable testing. You can both tap glass-fibre and copper.
+
+Cables can generate Electro-magnetic interference.
+Rodent and Pest Damage.
+
+Typically critical systems are air-gapped, can only be acccessed from specific places, that are physically protected.
+Sometimes even with data diodes.
+
+**Guided Medium**:
+ A communication channel where the signals are guided along a physical path.
+ e.g. Copper Cables, Fibre Cables etc. etc.
+ Physical access is needed
+
+**Unguided Medium**:
+ Refers to a communication channels where the signals propagate freely through the air or space
+ e.g. Radio or Infrared
+
+Unguided can be controlled through range, directional attenas etc.
+
+Signal security:
+- Spread signals to prevent jamming
+- Frequency hopping aims to change freqs. very fast in a pattern that is unknown to an attacker
+- Authenticating and encrypting data sent over wireless can ensure integrity and confidentiality
+
+Spoofing: In the case of IP Spoofing, making a server's response to go someone else, not you.
+Denial of Service: An Attack that floods a victim's network with traffic, making it unavailable
+
+Types of DDoS:
+- Volumetric Attack (loads of stuff)
+- Protocol Attacks (break the protocol in some way)
+- Application Layer Attacks (target specific apps)
+
+Volumetric:
+Amplification Attack: Use an intermediary that returns a large response, in order to overwhelm stuff.
+
+Can be done with a lot of protocols: commonly UDP.
+People love DNS to do DoS
+
+Protocol:
+TCP SYN Flood is a common protocol attack
+You Spoof a SYN packet, and make it send SYN ACKS to people, and because the bot doesn't ever send an 'ACK' it leaves the server waiting, and sometimes wasting memory space.
+
+This can be mitigated by, e.g. not using memory to keep this state but using a crypto validation instead on the number.
+
+The SYN-ACKS that go nowhere are 'backscatter'
+
+Application lyer attack: HTTP Flood
+Cannot be spoofed. Requests a lot of large files.
+Cannot be spoofed because HTTP requires TCP.
+
+HTTP/2 RAPID RESET ATTACK
+Request, and Reset, all the time
+
+![[Pasted image 20250416221155.png]]
+
+
+![[Pasted image 20250416221211.png]]
+HTTP 2 attack
+
+How to mitigate DDoS attacks:
+- Redundant network infrastructure (no single point of failure)
+- Traffic filtering
+- Content Delivery Networks (distribute and cache content)
+- Web Application Firewalls (try to identify malicious traffics)
+
+Botnets:
+A botnet is a network of compromised computers that are under the control of a single entity, usually a malicious actor.
+Spreading malware, stealing sensitive info, DDoS
+
+Architecture:
+Infected Devices, Command and Control (C2), Communications Channels (basically everything is used here)
+
diff --git a/University/Computer Security/Cheatsheet (mmm for exam).md b/University/Computer Security/Cheatsheet (mmm for exam).md
deleted file mode 100644
index e69de29..0000000
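Review bot: The SYN-flood mitigation described under "Protocol:" as `not using memory to keep this state but using a crypto validation instead on the number` is the SYN cookies technique, and naming it would make the cheatsheet searchable; the preceding line's `sometimes wasting memory space` also understates that the half-open connection backlog filling up is what actually denies service to legitimate clients. The `### Threat vs. Harm` heading defines threat and risk but never harm, so either define it or rename the heading to `### Threat vs. Risk`. The "Threat Model" line should read `identifies potential attacks`, and the "Detecting Criminals" list (hash values up to TTPs) appears to be the Pyramid of Pain, which is worth naming if that is the intended source. Spelling slips to fix in the same pass: `Policies an Governance`, `Acess Points`, `phyiscal`, `acccessed`, `attenas`, `Application lyer attack`. The hunk covers the entire new file, so nothing is cut off.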