====== IT Security ======

See also:

  * [[..:linux:security|Linux Security]]
  * [[:de:guide:security|🇩🇪 IT security]]
  * [[hacking:|Hacking]]
  * [[:admin:security:blocklist|Block lists]]

===== physical security =====

  * Physical access is restricted to those whose job responsibilities require them to maintain the equipment or infrastructure of the room.
  * Access is controlled by a strong authentication method, such as an electronic combination lock, a badge reader, a fingerprint reader or another biometric scanning device. Lock combinations should be changed on a regular basis.
  * Doors: fireproof and secured with deadbolt-type locks that cannot be easily picked.
  * Keys to server room doors, both electronic and traditional, should be numbered and the whereabouts of each copy logged.
  * Traditional keys should be marked "Do not duplicate" and electronic keys should be copy-protected.
  * No windows through which a person could gain access. If there are windows, they should be bulletproof/shatterproof and/or protected by metal grates to prevent access if broken.
  * Monitored by CCTV or IP cameras 24/7.
  * Redundant power sources, such as a generator, to power electronic locks and authentication systems in case of a power failure or outage.
  * Server rooms and IT equipment rooms should not double as office space, storage space or any other shared purpose.
  * A complete inventory of server room and IT network room equipment, including brands, models, serial numbers and physical descriptions, should be compiled and kept up to date.
  * A system for securely disposing of unwanted discs, tapes, cards, hard drives, printed paper and anything else that could contain confidential information should be implemented.

===== Management Systems (ISMS) =====

A management system to establish, implement, operate, monitor, review, maintain and improve information security (ISO definition).

==== Standards ====

  * ISO 27000
  * ISO 27001
  * ISO 27002
  * ISO 27003
  * ISO 27004
  * ISO 27005
  * ISO 27006
  * ISO 27007
  * ISO 270014
  * ISO 270015
  * PCI DSS
  * NIST:
    * Special Publication 800-53
    * Cybersecurity Framework

==== Frameworks ====

  * [[https://blogs.adobe.com/security/2019/12/open-source-common-controls-framework-ccf-v3-0-now-available.html|Adobe Common Controls Framework]] (Adobe CCF)
  * [[https://about.gitlab.com/handbook/engineering/security/security-assurance/security-compliance/sec-controls.html#gitlab-control-framework-gcf|Gitlab Control Framework]] (GCF)

===== Software =====

^ Name ^ Purpose ^
| [[https://github.com/Neo23x0/Loki|LOKI]] | Simple IoC client/server scanner with custom signatures, written in Python |
| [[https://virustotal.github.io/yara/|YARA]] | Pattern matching for malware research |

==== Web Apps ====

^ Magento | Scanner: [[https://www.magereport.com|MageReport]] |

===== further information =====

  * [[https://nces.ed.gov/pubs98/safetech/chapter5.asp|Protecting Your System: Physical Security]]
  * [[https://inteltechniques.com/|IntelTechniques]] (Open Source Intelligence)

==== Talks ====

  * [[https://www.youtube.com/watch?v=wo7o81VhvVA|Ten Deadly Sins of Administrators about Windows Security (Microsoft TechEd North America 2012)]]
  * [[https://www.youtube.com/watch?v=JsVtHqICeKE|DEFCON 19: Steal Everything, Kill Everyone, Cause Total Financial Ruin]]

===== communities =====

  * [[:guide:reddit|Reddit]]:
    * [[https://www.reddit.com/r/blueteamsec|r/blueteamsec]] – technical intelligence, research and engineering to help operational [blue|purple] teams defend their estates.
    * [[https://www.reddit.com/r/netsec|r/netsec]]
    * [[https://www.reddit.com/r/cybersecurity/|r/cybersecurity]]

===== online tools =====

  * [[https://securityheaders.com|Security Headers]] – check web server headers for security directives.