Security

Firewall

• iptables
• Shorewall
• Firewall-Daemon

Tools

• fail2ban: Daemon to ban hosts that cause multiple authentication errors

Authentication

My notes on authentication

Kerberos

My notes on Kerberos

LDAP

Lightweight Directory Access Protocol
Wikipedia
CIT: GitLab server
LiL course LDAP+Kerberos

Hardware keys

Tags: #hw/security

YubiKey

Tags: #tech/yubikey

NitroKey

https://www.nitrokey.com/#comparison

Software

TABLE WITHOUT ID
("[" + title + "](" + file.path + ")") AS "Name",
("[Website](" + url + ")") AS "Links",
(join(file.tags,", ")) AS "Tags"
WHERE type = "software" and contains(category,"security") AND contains(file.folder,"public/tech")

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

• (OWASP) ZAP
• Burp Suite

Vulnerabilities

Website maintainers can provide a security.txt file to give security companies and white hackers standardised information on how to report vulnerabilities.

Password management

• ripasso: password manager written in Rust

pass

https://www.passwordstore.org/

The pass command with otp support is also quite usefull. Esp. when combined with unishare or dropbox.
Esp. pass otp -c <account> is handy.

openSUSE installation

sudo zypper install password-store pass-otp

AddOns

• passff: Firefox plugin

Passkey

https://passkeys.io

A passkey is a new way to sign in that works completely without passwords. By using the security capabilities of your devices like Touch ID and Face ID, passkeys are way more secure and are easier to use than both passwords and all current 2-factor authentication methods.