externe links

“It's better to have something to remember than anything to regret.”
- Frank Zappa


 (Stand 12.01.2019)

Domains und IP-Adressen (whois)

afrinic Africa - afrinic whois query
apnic Asia Pacific - apnic whois query
arin North America - arin whois query
lacnic South America - lacnic whois query
ripe EMEA - ripe whois query
ripn Russian Institute for Public Networks
   
denic de - denic whois query
internic internic whois query
core CORE Internet Council of Registrars whois
whois.net NTT whois.net
netsol Network Solutions

Hardware ID's und MAC Adressen

IEEE IEEE Registration Authority
FCC ID FCC ID Database Search
CaveBear Ethernet Codes master page
PCI ID's The PCI ID Repository

 

IP-Adressbereiche / Ports / Types

IANA IPv4 IANA IPv4 Address Space Registry
IANA IPv4 Mcast IPv4 Multicast Address Space Registry
IANA IPv4 ICMP IPv4 ICMP Type Numbers and Code Fields
   
IANA IPv6 Internet Protocol Version 6 Address Space
IANA IPv6 ICMP IPv6 ICMP Type Numbers and Code Fields
   
IANA Port Numbers Service Name and Transport Protocol Port Number Registry
  

RFC's - Request For Comments

RFC Editor RFC Editor Homepage
RFC Archive Internet RFC/STD/FYI/BCP Archives
IETF Tools PDF conversion of IETF documents

Zertifikate

 crt.sh Certificate Search
  

IT Sicherheit

IP check Welche Informationen über Ihren Rechner werden an eine Webseite, die Sie aufrufen, weitergegeben
HTTP Header Check Your browser software transmitted the following HTTP headers ...
Anonymity & Privacy Check  Test if your Network, your Proxy, your System, your Browser Settings, and your privacy plugins conceal your identity and keep you anonymous or simply ruin your Privacy
Panopticlick Panopticlick tests your browser to see how unique it is based on the information it will share with sites it visits.
SSL Server Test SSLLabs - performs a deep analysis of the configuration of any SSL web server
htbridge SSL Test Test SSL/TLS implementation of any service on any port for compliance with PCI DSS requirements, HIPAA guidance and NIST guidelines.
Mozilla Server Test Observatory by Mozilla is designed to help developers, system administrators and security professionals to configure their sites safely and securely
SSL Configuration Generator Mozilla: generate SSL/TLS configurations for all types of webservers (apache/nginx/lighttpd/etc.)
Mozilla's Server Side TLS Guidelines The goal of this document is to help operational teams with the configuration of TLS on servers
SSL Browser Test
Uni Hannover - gives you information on the SSL cipher suites your browser supports for securing HTTPS connections
SSL Browser Capabilities
SSLLabs - The SSL client test shows the SSL/TLS capabilities of your browser.
badssl
badssl.com is meant for manual testing of security UI in web clients
Fingerprint Central
This website aims at studying the diversity of browser fingerprints and providing developers with data to help them design good defenses.
HTTP Evader Test Site The HTTP Evader test site offers various tests of browser and firewall behavior.
logjam attack
Websites, mail servers, and other TLS-dependent services that support DHE_EXPORT ciphers are at risk for the Logjam attack.
sectools.org Network Security Tools
All About Skimmers Krebs on Security:  ATM skimmers
EAST European ATM Security & Fraud Prevention
Network Tap's Receive-only UTP cables and Network Taps
EICAR EICAR Anti-Virus Testfile
PacketLife The site's goal is to offer free, quality technical education to networkers all over the world
SpyFiles 4 WikiLeaks releases previously unseen copies of weaponised German surveillance malware. This full data release will help the technical community build tools to protect people from FinFisher.
DETEKT Detekt is a free tool that scans your Windows computer for traces of known surveillance spyware used to target and monitor human rights defenders and journalists around the world.
Do Not Track Do Not Track ist eine personalisierte Web-Serie von arte, BR und Anderen über das Geschäft mit unseren Daten, in der aufgezeigt wird, wie Informationen über Sie gesammelt und genutzt werden.
safeinternetbanking safe internetbanking.be is an initiative of Febelfin, the Belgian Financial Sector Federation.
security planner Security Planner is an easy-to-use guide with expert-reviewed advice for staying safer online. Security Planner recommendations are made by a committee of experts in digital security and have gone through a rigorous peer review evaluation, led by the Citizen Lab.
Cracked Labs
Institut für kritische digitale Kultur
Was sich aus unseren Einkäufen, Telefonaten und Facebook-Likes berechnen lässt. Wie tausende Unternehmen heimlich unser Alltagsverhalten überwachen, uns penibel einordnen und bewerten – und unsere intimsten Details an Handel, Versicherungen, Finanz- und Personalwirtschaft verkaufen.
internet.nl Internet.nl is an initiative of the Internet community and the Dutch government. Test for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS and DANE.

 

IT Sicherheit - Datenbankabfragen

PUNKSpider A global web application vulnerability search engine
SHODAN Shodan is the Google for hackers.
The GHDB is an authoritative source for querying the Google search engine. In the GHDB, you will find search terms for files containing usernames, vulnerable servers, and even files containing passwords.
Censys is a search engine that enables researchers to ask questions about the hosts and networks that compose the Internet. Censys collects data on hosts and websites through daily scans of the IPv4 address space.

 

IT Sicherheit Organisationen

BSI Bundesamt für Sicherheit in der Informationstechnik
ENISA European Union Agency for Network and Information Security
NSA National Security Agency
FIRST the global Forum for Incident Response and Security Teams
SANS SANS Internet Storm Center
ACDC ACDC, the European Cyber Defence Centre, is a community of stakeholders joining forces to fight botnets.

 

IT Sicherheit in Deutschland

BSI Bundesamt für Sicherheit in der Informationstechnik.
DFN-CERT DFN-CERT Services GmbH
CERT-Verbund Allianz deutscher Sicherheits- und Computer-Notfallteams
CERT-Bund Das Computer-Notfallteam des BSI
BSI Online Meldung BSI/ACS Meldeformular für Cyber-Angriffe
BKA Handlungs-empfehlungen BKA Handlungsempfehlungen für die Wirtschaft in Fällen von Cybercrime
BSI für Bürger BSI für Bürger / BürgerCERTIT Sicherheit in Deutschland
HmbBfDI Hamburgischer Beauftragter für Datenschutz und Informationsfreiheit (HmbBfDI)
ULD Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
LFD Landesbeauftragter für den Datenschutz Niedersachsen
LDI Landesbeauftragter für Datenschutz und Informationsfreiheit Nordrhein-Westfalen
DSiN Deutschland sicher im Netz e.V.: Materialien für Unternehmen
Anti-Prism-Party Handouts und Anleitungen zu den einzelnen Schutzmechanismen sowie eine Zusammenstellung hilfreicher Links zu den Themen der Anti-Prism-Party.
Cloud-Computing Die Orientierungshilfe "Cloud-Computing" richtet sich an Entscheidungsträger, betriebliche und behördliche Datenschutzbeauftragte sowie an IT-Verantwortliche
Datenschutz-Wiki Wiki der Bundesbeauftragten für den Datenschutz und die Informationsfreiheit (BfDI): das wichtigste Wissen zum Datenschutz und zur Informationsfreiheit in kompakter und übersichtlicher Form.
Deutsch-französisches IT-Sicherheitslagebild Die erste Ausgabe des Deutsch-französischen IT-Sicherheitslagebilds legt den Schwerpunkt auf das Thema Ransomware.

 

IT Sicherheit - Angriffe

Francophoned A Sophisticated Social Engineering Attack
DDoS-Story Am 23.10.2014 und 24.10.2014 führten Unbekannte DDoS-Attacken auf die sipgate Infrastruktur durch.
Fidor Bank Seit Freitag, 24.10.2014 ist die Fidor Bank Ziel mehrerer DDoS-Attacken in Verbindung mit einem Erpressungsversuch. (toter Link, siehe Bericht auf golem.de)
Carbanak Cybergang „Carbanak“ stiehlt eine Milliarde US-Dollar von 100 Finanzinstituten weltweit (15.2.2015)
Equation reprogram the hard drive firmware of over a dozen different hard drive brands, including Seagate, Western Digital, Toshiba, Maxtor and IBM
rowhammer a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows
DROWN DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS
CacheBleed CacheBleed is a side-channel attack that exploits information leaks through cache-bank conflicts in Intel processors.
Zentralbank Bangladesch Hacker sollen Bangladesch 81 Millionen Dollar gestohlen haben
VPNfilter Mindestens 500000 Router in 54 Ländern sind mit Malware infiziert, die einen Reboot übersteht. Betroffen von VPNFilter sind Router von Linksys, MikroTik, NETGEAR and TP-Link networking equipment im SOHO Bereich sowie QNAP network-attached storage (NAS) Geräte.

 

IT Sicherheit - Angriffsvisualisierung

Sicherheitstacho Deutsche Telekom, gerade aktuell laufende Angriffe auf Honeypots
Norse Norse’s attack map
Cyber Threat Map The Cyber Threat Map from FireEye
malwaretech view maps which display the geographical distribution of malware infection

 

  

IT Sicherheit - Software

Nessus Nessus Security Scanner (Tenable)
OpenVAS OpenVAS Security Scanner
OWASP The Open Web Application Security Project
Nikto Nikto is an Open Source web server scanner
Arachni Open Source, feature-full, modular, high-performance framework aimed towards helping penetration testers and administrators to evaluate the security of web applications.
pyrit Attacking WPA/WPA2 by brute-force
VeraCrypt VeraCrypt is a free disk encryption software that is based on TrueCrypt.
seL4  The world's first operating-system kernel with an end-to-end proof of implementation correctness and security enforcement is available as open source
sqlmap sqlmap is an open source penetration testing tool for detecting and exploiting SQL injection flaws and taking over of database servers
testssl testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
hashcat tools for cracking hashed passwords
mimikatz Windows tool to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory. mimikatz can also perform pass-the-hash, pass-the-ticket or build Golden tickets.
golismero GoLismero is a free software framework for security testing
mapWOC mapWOC is a secure and powerful high-interactive client-side honeypot to verify the integrity of websites and identify malicious falsified content.

 

IT Sicherheit - Industrial Control

enisa Good practice guide for CERTs in the area of Industrial Control Systems, Computer Emergency Response Capabilities considerations for ICS
BSI ICS Kompendium Grundlagenwerk für die IT-Sicherheit in Automatisierungs-, Prozesssteuerungs- und Prozessleitsystemen (Industrial Control Systems, ICS)
NIST SP 800-82 Guide to Industrial ControlSystems (ICS) Security  (SCADA, DCS, PLC and other Control Systems)

 

IT-Sicherheit - Firefox AddOns

ghostery zeigt/blockt unsichtbare tags, web bugs, pixels und beacons
better privacy BetterPrivacy dient vor allem dem Schutz vor unlöschbaren Langzeit-Cookies (dead)
lightbeam See who’s tracking you online - Lightbeam is a Firefox add-on that uses interactive visualizations to show you the first and third party sites you interact with on the Web.
firebug edit, debug, and monitor CSS, HTML, and JavaScript live in any web page
HTTPS Everywhere HTTPS Everywhere uses a clever technology to rewrite HTTP requests to HTTPS
Cipherfox Displays the current SSL/TLS cipher and certificate chain in the Add-on bar and Site ID dialog
Certificate Patrol Dein Web-Browser vertraut vielen Zertifikationsautoritäten (CAs), welche wiederrum noch mehr Sub-CAs vertrauen. Legitim digital signierte Zertifikate können von irgendwo herkommen. Dieses Add-on hilft Dir den Überblick zu behalten.
Calomel SSL Validation  Validate the grade of security of the SSL connection. This add-on was designed to more easily show the true security state of the connection so everyone can learn more about ciphers and encryption using SSL.

 

IT-Sicherheit - Security Guides

Apple / MAC OS Mac OS X Security Configuration Guides
FreeBSD FreeBSD Handbook: Security
Fedora Linux A Guide to Securing Fedora Linux
Debian Securing Debian Manual
Privacy Handbuch Anleitungen zum spurenarmen Surfen, zur Verschlüsselung von E-Mails und Daten sowie zur anonymen Kommunikation für Windows und Linux.
(Leider kein Impressum, keine Klarnamen, trotzdem sehr interessant zu lesen -hm)

 

IT Sicherheit - Spezifikationen

OpenSAMM Software Assurance Maturity Model
PTES Penetration Testing Execution Standard
BSI IT Grundschutz Kataloge IT Grundschutz Kataloge
BSI-Standards zur Internet-Sicherheit Informationen für Behörden und Unternehmen damit diese ihre Internet-Aktivitäten sicher neu aufbauen, erweitern oder anpassen können
NIST  SP 800-53 Security and Privacy Controls for Federal Information Systems and Organizations
NIST SP 800-153 Guidelines for Securing Wireless Local Area Networks (WLANs)
OSSTMM Open Source Security Testing Methodology Manual
SCARE Source Code Analysis Risk Evaluation
NIST SP 800-115 Technical Guide to Information Security Testing and Assessment (pdf)
PTF Penetration Testing Framework
Critical Security Controls SANS: Critical Security Controls for Effective Cyber Defense

 

IT-Sicherheit - Hardware / Firmware

USB Condom "USB Condoms" prevent accidental data exchange when your device is plugged in to another device with a USB cable.
Teensy The Teensy is a complete USB-based microcontroller development system, in a very small footprint, capable of implementing many types of projects.
Bus Pirate The Bus Pirate is an open source hacker multi-tool that talks to electronic stuff. It is a universal bus interface that talks to most chips from a PC serial terminal , eliminating a ton of early prototyping effort when working with new or unknown chips.
binwalk Binwalk is a firmware analysis tool designed for analyzing, reverse engineering and extracting data contained in firmware images.
BadUSB Tools, mit denen man einen herkömmlichen USB-Speicherstick in einen potenziell gefährlichen USB-Stick verwandeln kann.
sprites mods hardware hacking: hacking hard disks
USB keys What are malicious USB keys and how to create a realistic one? This blog post follows up on the study by showing how reliable and realistic-looking malicious USB keys can be created
digispark heise-Artikel über die daumennagelgroße USB Entwicklerplatine der Firma digispark: ein paar Zeilen Code ermöglichen potentiell die Übernahme eines Rechners.
securing hardware SecuringHardware.com delivers public and private training on a variety of hardware security topics.

 

IT-Sicherheit - Vermischtes

Electronic  Frontier Foundation Information Theory: How much entropy is needed to identify someone ?
Crypto Machines The Crypto Machines pages of Jerry Proc VE3FAB
Internet Census 2012 output data of a complete port-scan of the IPv4 address space. (dead)
EXFilTRATED a web-based query interface for the Internet Census 2012 data
crowdflow Crowdflow started in April 2011 after it was revealed that iPhones collect and store their location data. We have since collected and analyzed the log files of almost 1.500 iPhones and iPads and created an open database of wifi and cell networks. (toter Link, siehe youtube CCC 28c3)
Acoustic Cryptanalysis The attack can extract full 4096-bit RSA decryption keys from laptop computers, within an hour, using the sound generated by the computer
Mozilla Security Mozilla Security Blog
dnscat2 Tunneling data and commands over DNS to bypass firewalls
Big Data Anhand öffentlicher Tweets können Forscher die Höhe deines Gehalts herausfinden: "Studying User Income through Language, Behaviour and Affect in Social Media"
open resolver project open Resolvers pose a significant threat to the global network infrastructure by answering recursive queries for hosts outside of its domain.
i am the cavalry  The Cavalry is a grassroots organization that is focused on issues where computer security intersect public safety and human life.
Microsoft Privacy Statement "we will access, transfer, disclose, and preserve personal data, including your content (...), when we have a good faith belief that doing so is necessary"
DocuColor Tracking Dot Decoding Guide Auf praktisch jeder in Farbe gedruckten Seite finden sich kaum sichtbare gelbe Punkte, deren Anordnung verschlüsselte Informationen enthält. Mit ihrer Hilfe lässt sich nachvollziehen, von welchem Gerät und wann genau die Seite gedruckt wurde.
Anti-surveillance clothing The hyperface project involves printing patterns on to clothing or textiles that computers interpret as a face
   

Hardware

Arduino an open-source electronics prototyping platform
Raspberry Pi a credit-card sized computer that plugs into your TV and a keyboard
Beagleboard credit-card sized, low-power, open-hardware computer
Everykey everykey.de (was Anykey0x.de) - Open hardware
pcDuino mini PC platform that runs PC like OS'es such as Ubuntu and Android
ChipDir  Semiconductor Chip Directory
VoCore  A Coin-sized Linux Computer with WIFI

 

Antikes

Computermuseum Computermuseum Muenchen der Gesellschaft für historische Rechenanlagen e.V.
Analogrechner Das Analogrechner Museum
TNMC The National Museum of Computing located at Bletchley Park, UK
Computer History Museum The Museum is dedicated to the preservation and celebration of computer history and is home to the largest international collection of computing artifacts in the world
DEC Terminals Video Display Terminal Information - vt100.net
pdp8 Highgate's PDP-8 Page
HP-Computers collection of old Hewlett-Packard computer hardware, software, documentation
HP-Taschenrechner Hewlett-Packard calculators introduced from 1968 to 1986
OpenPA A resource for HP PA-RISC and IA64 computers

HP9000

Porting Centre source code and binaries of open source
packages ported to HP-UX
PA-RISC Linux a native port of Linux to the PA-RISC architecture
OpenBSD/hppa OpenBSD port to PA-RISC
NetBSD/hp700 NetBSD port to PA-RISC
UTAH The Utah PA-RISC Code Snapshot
HPBSD Utah's 4.3bsd port for HP9000 series machines
HPUX FAQ comp.sys.hp.hpux FAQ
Bastion Paper: Building a Bastion Host Using HP-UX

 

Telefone

Alte Telefone Telefone aus dem Telefonmuseum Hittfeld
Historische Fernmeldetechnik Fernmeldetechnik elektromechanisch, Telefone, Vermittlungstechnik, Vermittlungsstellen und Schaltpläne
Telephone Tribute Tribute to the Telephone Home Page
Telecom Archives Telecom Digest & Archives
Telephone World We wish to share what we have with people who appreciate the telephone – the strange and mysterious instrument that has been a part of our lives for well over 100 years
 

Unix

UGU UNIX Guru Universe
UnixPower Your Source for Everything UNIX
Usenix The Advanced Computing Systems Association
UNIX Timeline Unix History
TUHS The Unix Heritage Society
Microsoft ♥ Linux Das ich das noch erleben darf ....

 Verschiedenes

ORSN Open Root Server Network
TinEye TinEye is a reverse image search engine. It finds out where an image came from, how it is being used, if modified versions of the image exist
0x0d2c Ode to "C"
Signal Identification Wiki This wiki is intended to help identify radio signals through example sounds and waterfall images. Most signals are received and recorded using a software defined radio such as the RTL-SDR, Airspy, SDRPlay, HackRF, BladeRF, Funcube Dongle, USRP or others.
encoding What every programmer absolutely, positively needs to know about encodings and character sets to work with text
  

 Nicht-Technisches

Broken Windows This theory states that if there is a disorder in a neighbourhood for a substantial period of time, the mess will only get worse.
Ziele sind etwas für Verlierer! Dilbert-Erfinder Scott Adams wichtigster Tipp: Wer sich im Beruf Ziele setzt, erlebt jeden Tag nur Misserfolge.

 

 

Musik

Zappa.com The Official Frank Zappa Website
afka.net The purpose of this site is to provide a little help to those that are looking for written material about Frank Zappa.
IINK Information Is Not Knowledge
Zappa Wiki Jawaka Zappa Wiki Jawaka contains articles attempting to record the life, times and music of Frank Zappa.
Les Horribles Cernettes are the one and only High Energy Rock Band. They sing about colliders, quarks, microwaves, antiprotons and Internet.
Frank Zappa's 1993 Playboy Interview Zappa, with his trademark mustache and sideburns, chain-smoked while he spoke with unmistakable passion, and urgency, about his music, his politics, his family and his illness

Entrücktes

science warning labels A Call for More Scientific Truth in Product Warning Labels
web suicidemachine This machine lets you delete all your energy sucking social-networking profiles, kill your fake virtual friends, and completely do away with your Web2.0 alterego
there i fixed it There I Fixed It - funny bad repairs
trekcore.com Welcome to the best resource for iconic Star Trek sounds!
exploratorium The San Francisco Exploratorium
Die Maus Wie funktioniert das Internet ?
archive.org The Internet Wayback Machine
BOFH Excuses Bastard Operator From Hell - Excuse Server
BOFH Bastard Operator From Hell - the complete WWW edition
The Cloud Appreciation Society Clouds are so commonplace that their beauty is often overlooked. They are for dreamers and their contemplation benefits the soul.
6q plunderphonics
FOUND magazine We collect found stuff: love letters, birthday cards, kids’ homework, to-do lists, ticket stubs, poetry on napkins, doodles– anything that gives a glimpse into someone else’s life. Anything goes.
Museum of Endangered Sounds I launched the site in January of 2012 as a way to preserve the sounds made famous by my favorite old technologies and electronics equipment
Delta t - Verein für Zweitnormalität e.V. Der Verein für zeitversetzt und langschlafende Menschen
trumpdonald.org Was verbirgt sich unter seiner Frisur ?
Die Bielefeld Verschwörung Vor einigen Jahren fiel es einigen Unerschrockenen zum ersten Mal auf, daß in den Medien immer wieder von einer Stadt namens 'Bielefeld' die Rede war, daß aber niemand jemanden aus Bielefeld kannte, geschweige denn selbst schon einmal dort war.
Muppet Wiki Muppet Wiki is a collaborative encyclopedia for everything related to Jim Henson, Sesame Street, The Muppet Show, and The Muppets Studio.
Speak & Spell Texas Instruments Speak & Spell Simulator
Zappa Zitate “You can't be a real country unless you have a beer and an airline - it helps if you have some kind of football team, or some nuclear weapons, but in the very least you need a beer.”