HSTS: Reliably secure your HTTPS connections

HSTS: How the HTTPS expansion works

HTTPS, the network protocol for TLS-encrypted data transfer online can be circumvented in some cases. The danger is that encrypted websites can be accessed via unencrypted HTTP. But the HTTPS extension HSTS (HTTP Strict Transport Security) forces website access via TLS encryption, closing the security gaps that hackers like to use to intercept the HTTPS connection during transport using...

IP Spoofing: Fundamentals and counter-measures

IP Spoofing: Simple manipulation of data packets by attackers

Sending data over networks is one of the most important and highest utilized functions of the modern computer era. But the structure of the necessary TCP/IP connections makes it all too easy for criminals to intercept data packets along their way and either view or alter their contents. One of the most common methods of attack is IP spoofing, which allows DoS and DDoS attacks, among other things...

QUIC – the Internet Transport Protocol based on UDP

QUIC: What is behind the experimental Google Protocol?

Quick UDP Internet Connections (QUIC for short), is an experimental network protocol from Google. Further development of the protocol is being driven by IETF, which has set up a dedicated group working towards it. The QUIC protocol is intended to offer a speed-optimized alternative to the current transport standard TCP and builds on the connectionless protocol UDP to achieve this.

S/MIME: the standard method for e-mail encryption

S/MIME: how to encrypt and sign your e-mails

If you send an e-mail without additional security measures, it’s like sending a postcard: if everything goes as planned, the information should arrive unchanged and unread in the recipient’s inbox. However, if someone intercepts the card or the e-mail in transit, they can read the contents without any problem and make as many changes as possible. Just like you would use an opaque envelope to...

HTTPoxy: Behind the CGI vulnerability

HTTPoxy: Threatening the security of CGI applications

Fifteen years after the discovery of the security flaw HTTPoxy, it’s still an issue with CGI applications. The reason for this is the fact that the Common Gateway Interface standard provides the use of environment variables to process HTTP requests. These can include header contents that modify the original proxy configuration, allowing hackers to redirect data packets to a completely foreign...

Finding a website host: how to search successfully

Host: how to find out which provider is most suitable for your project

If you want to release a new web project today, you need to find the right host. Hosts have become a popular alternative for large companies, since they enable convenient outsourcing of certain work areas or data, saving company resources. But how do you know which host and which hosting package best meets your needs? And why is the provider’s security concept such a crucial criterion nowadays?

Comparison of the best antivirus programs

The importance of antivirus programs

Antivirus programs have become essential for the security of our computers. Viruses, worms, trojans, and many other types of malware threaten to infect the system and cause considerable damage. Losing personal data and the consequences resulting from this can be extremely irritating. Software manufacturers are trying to combat malicious malware attacks with the help of intelligent antivirus...

WLAN security: the best protection for your network

WLAN security: how to make your wireless network into a fortress

When you’re traveling with portable devices, you’ll find public WLAN everywhere, giving you access to the world wide web. Even in residential and work spaces, practical wireless networking is widespread. It’s easy to forget that there’s a risk involved when transferring data using one of these access points. In the following article, we explain the biggest security risks and show you how to make...

Intrusion detection systems and prevention systems

The intrusion detection and intrusion prevention systems at a glance

A stable network is characterized not only by the appropriate hardware structures, but also by a watertight security concept. In addition to back-up solutions and intelligent fail-safe systems, protection against external access attempts is a must. Intrusion detection systems (IDS) and intrusion protection systems (IPS) are an excellent addition to the classic firewall and are therefore a sensible...

Port scanning: introduction and basics

How port scanning contributes to your system’s security

It’s easy to lose track of all the different programs that are responsible for inbound and outbound data traffic. Networks hosting a large number of computer systems that are constantly communicating with online services often require technical backup. High-performance tools check the activities of various applications or computers and can close existing security gaps. Using port scanners is one...