The Berkeley Packet Filter was developed in 1992 to filter, receive, and send data packets securely. The filter forms interfaces with security layers which are tasked with recognizing incoming corrupted data contents, for example. This allows them to be discarded or corrected right away. We explain how the BPF works.
Sending data over networks is one of the most important and highest utilized functions of the modern computer era. But the structure of the necessary TCP/IP connections makes it all too easy for criminals to intercept data packets along their way and either view or alter their contents. One of the most common methods of attack is IP spoofing, which allows DoS and DDoS attacks, among other things...
When it comes to network security, administrators focus primarily on attacks from the internet. But often times, the danger lurks in the internal network. If the LAN turns out to be a blind spot in the security IT, then internal attackers have an easy time. A popular method of attack is ARP spoofing. With this, hackers switch undetected between two communication partners in order to intercept,...
SSL/TLS certificates play an increasingly important role in the transmission of sensitive data. They guarantee that data packets reach the desired addressee without any detours. Problems only arise when internet users are deliberately redirected by invalid certificates from dubious certification bodies – a scenario that can be prevented using so-called HTTP public key pinning (HPKP).
The risk for businesses to fall victim to a zero-day exploit has increased in recent years. More and more often, cybercriminals can take advantage of as-yet undiscovered weak points in business software in order to steal or manipulate data. It is difficult to protect against these attacks, but businesses can take some measures to improve their security.
If you ask the IT community which malware is the most harmful, the answer is typically not viruses, worms or Trojan horses. Experts unanimously agree that rootkits pose much greater problems even to experienced users. The rootkit’s special ability is to conceal other malware and thereby enable cybercriminals to misuse others’ computers for their own criminal activities undetected – such as for bot...
Criminals are constantly trying to exploit Internet vulnerabilities and harm users. One common type of cyberattack is a cross-site request forgery attack, or CSRF. Hackers use these attacks to make purchases and transfer money on a user’s behalf without the victim noticing. How can these attacks be prevented?
The Domain Name System has a big security flaw: requests and responses are traditionally sent unencrypted. This provides Internet criminals with an ideal point of attack. Again and again, users are being directed to websites that they actually have no desire to visit. DNS over TLS acts as a deterrent. How does the security concept work?
Technically, the Domain Name System (DNS) is a good thing because it allows you to access a website using its URL rather than its IP address. The domain address is then automatically interpreted as an IP address – thanks to the DNS. But despite these performance benefits, the system carries a significant risk: DNS Hijacking. The practice is simple: a hacker accesses a user’s device configuration...
Try and imagine a world where you don’t have to memorize passwords: Thanks to FIDO2, this could soon become a reality. Authentication in online stores or for online banking can be done through a fingerprint or hardware token. The latter can communicate with laptops of PCs through a USB, NFC or Bluetooth. To enable conversations between two devices, FIDO2 uses the Client to Authenticator Protocol...
Provide powerful and reliable service to your clients with a web hosting package from IONOS.
