Vlastnosti hardened kernelu pro kaz de ho paranoika

Size: px
Start display at page:

Download "Vlastnosti hardened kernelu pro kaz de ho paranoika"

Transcription

1 Vlastnosti hardened kernelu pro kaz de ho paranoika 2013/06/01

2 Kdo je Kdo je Vy voja r Gentoo od podzima 2008 C len councilu od ledna 2010 C len KDE ty mu (chvı li jim i s e foval nez se objevilo akonadi) Spra vce/vy voja r LibreOffice Dr ı ve take v Gentoo pracoval na X11, Overlays, Clustering, QA,... Pracuje v SUSE jako L3/QA Maintenance To byl na pad tu prezentaci de lat c esky. Sloz ite js ı odborne termı ny budou v anglic tine jinak bysme se z toho zbla znili.

3 Za klad Hardened Gentoo Za kladnı informace Projekt pro zvy s enı zabezpec enı poc ı tac e pomocı ru zny ch patchu (viz dals ı slide) Snahou je co nejvı ce te chto vlastnostı integrovat pr ı mo do hlavniho profilu Gentoo Z du vodu snı z enı vy konu ne ktery ch aplikacı a zamezenı fuknc nosti ne ktery ch funkcı pro desktop je to sta le odde leny projekt http//www.gentoo.org/proj/en/hardened/

4 Za klad Hardened Gentoo Dostupne funkce Nastavenı toolchainu (kompiler, linker,.. ) jako vynucenı, kontrola za sobnı ku pr i kompilaci, nebo ochrana proti stack-smashingu Rozs ı r enı ja dra PaX, poskytujı cı non-executable memory, address space layout randomization,... Rozs ı r enı ja dra grsecurity, umoz n ujı cı restrikce chrootu, dodatec ny audit, omezenı procesu,... Rozs ı r enı ja dra SELinux, MAC (Mandatory Access Control) rozs ir ujı cı be z na omezenı linuxovy ch pra v Technologie komem Integrity, jako Integrity Measurement Architecture, ktera chra nı syste m proti nevı tany m zme na m

5 Toolchain Zabezpec enı pr i kompilaci a FORTIFY SOURCE jsou i v za kladnı m profilu -DFORTIFY SOURCE=2 zabezpec enı proti jednoduchy m pr etec enı m za sobnı ku /PIC ko d neza visly na pozici v pame ti, vets ina skoku je poc ı ta na tedy relativne mı sto abs. odkazu SSP ochrana proti stack-smashing z GCC, pr ida na konec (lze i na hodne ) za sobnı ku kana rka ktery informuje o pokusu o pr etec enı at na hodne m c i cı lene m (sranda sledovat s nepomukem)

6 Toolchain Zabezpec enı pr i linkova nı -Wl,-z,relro oznac ı c a sti knihovny pouze pro c tenı a znemoz nı u pravy (GOT, PLT) -Wl,-z,now pr eloz ı vs echny symboly a vynutı nac tenı knihoven pr i spus tenı aplikace (spadne kdyz nejsou vs echny splne ny) a neznatelne zpomalı prvnı spus te nı applikace

7 grsecurity grsecurity RBAC c a st rozs ı r enı unixovy ch pr ı stupovy ch pra v o dals ı moz nosti, napr. ochrana pr ed brute-force, skrytı ptrace vybrany m procesu m,... Omezenı chroot ochrana proti priv-esc a dals ı omezenı /za brany zamezeny pr ı stup do sdı lene pame ti z chrootu, nemoz nost videt procesy mimo chroot, omezeny kill/sgid/... Audit logovanı c innostı uz ivatelu, mount, zme ny c asu, pouz itı chdir, zaznamena nı pr ı kazu Exec, nezdar ene fork...

8 grsecurity grsecurity - nastavenı grsecurity obsahuje spoustu moz nostı a vyplatı se je nastudovat s webovy ch stra nek projektu. Gentoo se snaz ı proti vy chozı m moz nostem (Nı zke /Vysoke zabezpec enı ) pr idat jes te moz nost desktop/server, kdy jsou ty nejzajı mave js ı moz nosti povoleny. Mimo ja dro uz se moc ve cı pro grsec de lat nemusı, spı s e se jedna o nastavenı pro PaX.

9 PaX PaX Technicky vzato se jedna o c a st grsecurity, ktera nenı vyvy jena upstreamem a umoz nuje na sledujı cı c innosti. ASLR na hodne rozmı ste nı adresove ho prostoru a proto u toc nı k neodhadne rozvrz enı pame ti Vynucenı stavu pame ti bud je ke c tenı nebo pouze k za pisu. VELICE zpomalı syste m, zato ho zatracene dobr e zabezpec ı (binarnı drivery pla c ou) Trampolı nky runtime rozs ı r enı pro SSP da se r ı ct, protoz e de la te me r to same. Bohuz el runtime ovla da PaX a tedy dı ra v PaX kompromituje cely syste m

10 PaX PaX - ovla da nı Doporuc uji na testova nı sta hnou soubor checksec.sh a nainstalovat paxtest. paxctl -flagy binarka / paxctl-ng -flagy binarka Paxctl zapisuje pr ı mo do elf a nefunguje napr. nefunguje na Skype Paxctl-ng pouz ı va xattr (v Gentoo myslı m to pouz ı va i stary pax) ~ # paxctl-ng -v /usr/lib64/libreoffice/program/ /usr/lib64/libreoffice/program/soffice.bin PT_PAX -em-xattr_pax not found

11 PaX PaX - vy stup checksec.sh... * Does the CPU support NX Yes COMMAND init udevd dbus-daemon rsyslogd console-kit-dae polkitd wpa_supplicant wpa_cli smartd X... PID RELRO Full RELRO Full RELRO Full RELRO Full RELRO Full RELRO Full RELRO Full RELRO Full RELRO Full RELRO Partial RELRO STACK CANARY Canary found Canary found Canary found Canary found Canary found Canary found Canary found Canary found No canary found Canary found NX/PaX NX enabled NX enabled NX enabled NX enabled NX enabled NX enabled NX enabled NX enabled NX enabled NX enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled enabled

12 PaX PaX - vy stup paxtest # paxtest Executable anonymous mapping Executable bss Executable data Executable heap Executable stack Executable anonymous mapping (mprotect) Executable bss (mprotect) Executable data (mprotect) Executable heap (mprotect) Executable stack (mprotect) Executable shared library bss (mprotect) Executable shared library data (mprotect) Writable text segments Anonymous mapping randomisation test Heap randomisation test (ET_EXEC) Heap randomisation test (ET_DYN) Main executable randomisation (ET_EXEC) Main executable randomisation (ET_DYN) Shared library randomisation test Stack randomisation test (SEGMEXEC) Stack randomisation test (PAGEEXEC) Return to function (strcpy) Return to function (memcpy) Return to function (strcpy, RANDEXEC) Return to function (memcpy, RANDEXEC) Executable shared pro library bssparanoika Vlastnosti hardened kernelu kaz de ho 16 bits (guessed) 13 bits (guessed) 25 bits (guessed) 16 bits (guessed) 17 bits (guessed) 16 bits (guessed) 23 bits (guessed) No randomisation Vulnerable Vulnerable

13 SELinux SELinux O SELinuxu nevı m te me r nı c a zvla dl jsem to nastavit pouze jednou Doporuc uji pr ec ı st si dokumentaci a Svenu v blog http//www.gentoo.org/proj/en/hardened/selinux/selinuxhandbook.xml http//blog.siphos.be/category/gentoo/hardened/

14 Integrity Advanced Intrusion Detection Environment Jedna se o metodu detekce pru niku (AIDE). V Gentoo je balı c ek dostupny jako app-forensics/aide. Je du lez ite si spra vne nastavit co vs e sledovat (ani ma lo ani moc) Nastavenı musı by t read-only pokudmoz no externe (nfs?) Skenova nı by se me lo prova de t offline z livecd/memory-sticku

15 Integrity AID - uka zkovy vy stup AIDE found differences between database and filesystem!! Start timestamp Summary Total number of files Added files Removed files Changed files Changed files changed /etc/pam.d/ changed /etc/pam.d/sudo

16 Integrity AID - uka zkovy vy stup - page Detailed information about changes Directory /etc/pam.d Mtime Ctime , , File /etc/pam.d/sudo Size 135 Mtime Ctime Inode MD5 239be3ac285c0860e5e81a== SHA1 e7d7393f0768ed2dbebdbne5v6e=,,,,,, elurp2bkw43eexazx+dlba== KwQ42poukMiqEjKQ7e9xkBNZB8=

17 Nejpravde podobne js ı moz nosti u toku Nejpravde podobne js ı moz nosti u toku na desktop v dnes nı dobe Zneuz itı s patne nastaveny ch pravidel consolekit/dbus Zneuz itı s patne nastavene ho d-bus syste mu SUID bina rka liknovana s kreativnı ma knihovnama (Xlib,...), pr ecijen suid da va kernel pomocı podvrz enı balı c ku (distro od distra podle toho jak majı r es ene podpisy)

18 Obrana Obrana Pr inucenı distribucı vracet upstreamu patche s vy chozı m chova nı m, ktere je bezpec ne Dı ky pr edchozı mu zabezpec enı vets iny distribucı Odebı ra nı suid bitu kde jen to jde Vı ce paranoiku kter ı poma hajı s poloz kou c ı slo 1

19 Dotazy Ota zky a odpove di.

20 Pode kova nı De kuji za pozornost

Safety measures in Linux

Safety measures in Linux S a f e t y m e a s u r e s i n L i n u x Safety measures in Linux Krzysztof Lichota lichota@mimuw.edu.pl A g e n d a Standard Unix security measures: permissions, capabilities, ACLs, chroot Linux kernel

More information

Hardening Linux. and introducing Securix GNU/Linux

Hardening Linux. and introducing Securix GNU/Linux Hardening Linux and introducing Securix GNU/Linux Hardening basics From lowest to highest level Tune every part of system and applications Follow standards and security policies Regularly check system

More information

1.- L a m e j o r o p c ió n e s c l o na r e l d i s co ( s e e x p li c a r á d es p u é s ).

1.- L a m e j o r o p c ió n e s c l o na r e l d i s co ( s e e x p li c a r á d es p u é s ). PROCEDIMIENTO DE RECUPERACION Y COPIAS DE SEGURIDAD DEL CORTAFUEGOS LINUX P ar a p od e r re c u p e ra r nu e s t r o c o rt a f u e go s an t e un d es a s t r e ( r ot u r a d e l di s c o o d e l a

More information

B y R us se ll E ri c Wr ig ht, DV M. M as te r of S ci en ce I n V et er in ar y Me di ca l Sc ie nc es. A pp ro ve d:

B y R us se ll E ri c Wr ig ht, DV M. M as te r of S ci en ce I n V et er in ar y Me di ca l Sc ie nc es. A pp ro ve d: E ff ec ts o f El ec tr ic al ly -S ti mu la te d Si lv er -C oa te d Im pl an ts a nd B ac te ri al C on ta mi na ti on i n a Ca ni ne R ad iu s Fr ac tu re G ap M od el B y R us se ll E ri c Wr ig ht,

More information

Upozorňujeme,že můžete formáty pro čtečky převádět ON-LINE na internetu do formátu PDF apod.

Upozorňujeme,že můžete formáty pro čtečky převádět ON-LINE na internetu do formátu PDF apod. Dobrý den, děkujeme za Nákup,níže máte odkazy pro bezplatné stažení.knihy jsou v archivech PDF(nepotřebujete čtečku e-knih),txt(nepotřebujete čtečku e-knih), a dále pro čtečky : soubory typu: PDB,MOBI,APNX

More information

1. Oblast rozvoj spolků a SU UK 1.1. Zvyšování kvalifikace Školení Zapojení do projektů Poradenství 1.2. Financování 1.2.1.

1. Oblast rozvoj spolků a SU UK 1.1. Zvyšování kvalifikace Školení Zapojení do projektů Poradenství 1.2. Financování 1.2.1. 1. O b l a s t r o z v o j s p o l k a S U U K 1. 1. Z v y š o v á n í k v a l i f i k a c e Š k o l e n í o S t u d e n t s k á u n i e U n i v e r z i t y K a r l o v y ( d á l e j e n S U U K ) z í

More information

E-puck knihovna pro Python

E-puck knihovna pro Python E-puck knihovna pro Python David Marek Univerzita Karlova v Praze 5. 4. 2011 David Marek (MFF UK) E-puck knihovna pro Python 5. 4. 2011 1 / 36 Osnova 1 Představení e-puck robota 2 Připojení 3 Komunikace

More information

Unix Security Technologies: Host Security Tools. Peter Markowsky

Unix Security Technologies: Host Security Tools. Peter Markowsky <peterm[at]ccs.neu.edu> Unix Security Technologies: Host Security Tools Peter Markowsky Syllabus An Answer to last week s assignment Four tools SSP W^X PaX Systrace Last time You were assigned to get a

More information

The Case for SE Android. Stephen Smalley sds@tycho.nsa.gov Trust Mechanisms (R2X) National Security Agency

The Case for SE Android. Stephen Smalley sds@tycho.nsa.gov Trust Mechanisms (R2X) National Security Agency The Case for SE Android Stephen Smalley sds@tycho.nsa.gov Trust Mechanisms (R2X) National Security Agency 1 Android: What is it? Linux-based software stack for mobile devices. Very divergent from typical

More information

C o a t i a n P u b l i c D e b tm a n a g e m e n t a n d C h a l l e n g e s o f M a k e t D e v e l o p m e n t Z a g e bo 8 t h A p i l 2 0 1 1 h t t pdd w w wp i j fp h D p u b l i c2 d e b td S t

More information

88-GLI ARREDI FESTIVI

88-GLI ARREDI FESTIVI 88-GLI AEDI FEII dall'oea "Nabuo" Giusee e Coo Intoduzione oano I Mezzo-oano Contalto eno ass Allego Mosso ΠΠΠΠ(Ebei. Leviti e egini Ebee) Gli_a - Gli_a - Gli_a - Gli_a - ΠGli_a -. e - e -. e - e

More information

Defense in Depth: Protecting Against Zero-Day Attacks

Defense in Depth: Protecting Against Zero-Day Attacks Defense in Depth: Protecting Against Zero-Day Attacks Chris McNab FIRST 16, Budapest 2004 Agenda Exploits through the ages Discussion of stack and heap overflows Common attack behavior Defense in depth

More information

Cisco Security Agent (CSA) CSA je v í c eúčelo v ý s o f t w a r o v ý ná s t r o j, k t er ý lze p o už í t k v ynuc ení r ů zný c h b ezp ečno s t ní c h p o li t i k. CSA a na lyzuje c h o v á ní a

More information

Vocal solo part. Carl Philipp Emanuel BACH MAGNIFICAT

Vocal solo part. Carl Philipp Emanuel BACH MAGNIFICAT Vocal solo art Carl Phili Emanuel BACH MAGNIFICAT Vocal solo art Allegro 1. Magniicat TACET Carl Phili Emanuel BACH (1714-1788) 2. Quia resexit Sorano Andante 5 9 12 2 C.Ph.E.Bach. Magniicat Vocal solo

More information

STEEL PIPE NIPPLE BLACK AND GALVANIZED

STEEL PIPE NIPPLE BLACK AND GALVANIZED Price Sheet CWN-616 Effective June 06, 2016 Supersedes CWN-414 A Member of The Phoenix Forge Group CapProducts LTD. Phone: 519-482-5000 Fax: 519-482-7728 Toll Free: 800-265-5586 www.capproducts.com www.capitolcamco.com

More information

AppSecUSA New York City 2013

AppSecUSA New York City 2013 AppSecUSA New York City 2013 ME? Simón Roses Femerling Founder & CEO, VULNEX www.vulnex.com Blog: www.simonroses.com Twitter: @simonroses Former Microsoft, PwC, @Stake DARPA Cyber Fast Track award on software

More information

Linux Exploit Mitigation

Linux Exploit Mitigation Linux Exploit Mitigation Dobin Rutishauser V1.3, March 2016 Compass Security Schweiz AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch www.csnc.ch About

More information

Modern Binary Exploitation Course Syllabus

Modern Binary Exploitation Course Syllabus Modern Binary Exploitation Course Syllabus Course Information Course Title: Modern Binary Exploitation Course Number: CSCI 4968 Credit Hours: 4 Semester / Year: Spring 2015 Meeting Days: Tuesday/Friday

More information

BIRD Internet Routing Daemon

BIRD Internet Routing Daemon BIRD Internet Routing Daemon Ondřej Zajíček CZ.NIC z.s.p.o. IT 13 Úvod I Úvod do dynamického routování I Představení démona BIRD I OSPF a BIRD I BGP a BIRD Dynamické routování I Sestavení routovacích tabulek

More information

Operating Systems. Design and Implementation. Andrew S. Tanenbaum Melanie Rieback Arno Bakker. Vrije Universiteit Amsterdam

Operating Systems. Design and Implementation. Andrew S. Tanenbaum Melanie Rieback Arno Bakker. Vrije Universiteit Amsterdam Operating Systems Design and Implementation Andrew S. Tanenbaum Melanie Rieback Arno Bakker Vrije Universiteit Amsterdam Operating Systems - Winter 2012 Outline Introduction What is an OS? Concepts Processes

More information

Outline. Operating Systems Design and Implementation. Chap 1 - Overview. What is an OS? 28/10/2014. Introduction

Outline. Operating Systems Design and Implementation. Chap 1 - Overview. What is an OS? 28/10/2014. Introduction Operating Systems Design and Implementation Andrew S. Tanenbaum Melanie Rieback Arno Bakker Outline Introduction What is an OS? Concepts Processes and Threads Memory Management File Systems Vrije Universiteit

More information

JCUT-3030/6090/1212/1218/1325/1530

JCUT-3030/6090/1212/1218/1325/1530 JCUT CNC ROUTER/CNC WOODWORKING MACHINE JCUT-3030/6090/1212/1218/1325/1530 RZNC-0501 Users Guide Chapter I Characteristic 1. Totally independent from PC platform; 2. Directly read files from U Disk; 3.

More information

Put the human back in Human Resources.

Put the human back in Human Resources. Put the human back in Human Resources A Co m p l et e Hu m a n Ca p i t a l Ma n a g em en t So l u t i o n t h a t em p o w er s HR p r o f essi o n a l s t o m eet t h ei r co r p o r a t e o b j ect

More information

7' RICOCHET SHUFFLEBOARD TABLE

7' RICOCHET SHUFFLEBOARD TABLE 7' RICOCHET SHUFFLEBOARD TABLE ASSEM BLYL INSTRUCTIONS NG1201 THANK Y OU! Th a n k yo u f o r p u r ch a si n g t h i s p r o d u ct. We w o r k a r o u n d t h e cl o ck a n d a r o u n d t h e g l o

More information

Campus Sustainability Assessment and Related Literature

Campus Sustainability Assessment and Related Literature Campus Sustainability Assessment and Related Literature An Annotated Bibliography and Resource Guide Andrew Nixon February 2002 Campus Sustainability Assessment Review Project Telephone: (616) 387-5626

More information

aneb Perfekt perfektně.

aneb Perfekt perfektně. aneb Perfekt perfektně. 2013 se v angličtině nazývá Present Perfect, tedy Přítomný perfekt. Patří k časům přítomným, ačkoliv se jistě nejedná o klasický přítomný čas tak, jak jsme zvykĺı z češtiny. jistým

More information

Luk aˇ s R uˇ ziˇ cka Pomocn a slovesa

Luk aˇ s R uˇ ziˇ cka Pomocn a slovesa Pomocná slovesa Přehled funkcí Leden 2013 Přehled funkcí 1 děje probíhající právě ted 2 děje probíhající, ale ne nutně právě ted 3 děje probíhající dočasně 4 budoucí použití (pevná dohoda) Děje probíhající

More information

With Rejoicing Hearts/ Con Amor Jovial. A Fm7 B sus 4 B Cm Cm7/B

With Rejoicing Hearts/ Con Amor Jovial. A Fm7 B sus 4 B Cm Cm7/B for uli With Rejoic Herts/ on mor ol dition # 10745-Z1 ime ortez Keyord ccompniment y effy Honoré INTRO With energy ( = c 88) Keyord * m7 B sus 4 B 7/B mj 9 /B SMPL B 7 *Without percussion, egin he 1995,

More information

I n la n d N a v ig a t io n a co n t r ib u t io n t o eco n o m y su st a i n a b i l i t y

I n la n d N a v ig a t io n a co n t r ib u t io n t o eco n o m y su st a i n a b i l i t y I n la n d N a v ig a t io n a co n t r ib u t io n t o eco n o m y su st a i n a b i l i t y and KB rl iak s iol mi a, hme t a ro cp hm a5 a 2k p0r0o 9f i,e ls hv oa nr t ds eu rmv oedye l o nf dae cr

More information

Missa de Angelis. A Gregorian Mass. Edited and arranged by Christopher Moore

Missa de Angelis. A Gregorian Mass. Edited and arranged by Christopher Moore Missa de Angelis A Gregorian Mass Edited and arranged y Christopher Moore Missa de Angelis Edited and arranged y Christopher Moore Version 2 March 2002 The Gregorian Mass known as the Missa de Angelis

More information

OWASP Spain Barcelona 2014

OWASP Spain Barcelona 2014 OWASP Spain Barcelona 2014 ME & VULNEX Simon Roses Femerling Founder & CEO, VULNEX www.vulnex.com @simonroses @vulnexsl Former Microsoft, PwC, @Stake Black Hat, RSA, OWASP, SOURCE, AppSec, DeepSec, TECHNET,

More information

B I N G O B I N G O. Hf Cd Na Nb Lr. I Fl Fr Mo Si. Ho Bi Ce Eu Ac. Md Co P Pa Tc. Uut Rh K N. Sb At Md H. Bh Cm H Bi Es. Mo Uus Lu P F.

B I N G O B I N G O. Hf Cd Na Nb Lr. I Fl Fr Mo Si. Ho Bi Ce Eu Ac. Md Co P Pa Tc. Uut Rh K N. Sb At Md H. Bh Cm H Bi Es. Mo Uus Lu P F. Hf Cd Na Nb Lr Ho Bi Ce u Ac I Fl Fr Mo i Md Co P Pa Tc Uut Rh K N Dy Cl N Am b At Md H Y Bh Cm H Bi s Mo Uus Lu P F Cu Ar Ag Mg K Thomas Jefferson National Accelerator Facility - Office of cience ducation

More information

SCO TT G LEA SO N D EM O Z G EB R E-

SCO TT G LEA SO N D EM O Z G EB R E- SCO TT G LEA SO N D EM O Z G EB R E- EG Z IA B H ER e d it o r s N ) LICA TIO N S A N D M ETH O D S t DVD N CLUDED C o n t e n Ls Pr e fa c e x v G l o b a l N a v i g a t i o n Sa t e llit e S y s t e

More information

AUS-e-TUTE. Periodic Table Lessons and Activities. ausetute.com.au. Definition of Terms used in this publication: Crossword: Drill: Exam:

AUS-e-TUTE. Periodic Table Lessons and Activities. ausetute.com.au. Definition of Terms used in this publication: Crossword: Drill: Exam: 2012 AUS-e-TUTE Periodic Table Lessons and Activities Definition of Terms used in this publication: requires students to find and enter information, Interactive Learning Activity: then guides them through

More information

G ri d m on i tori n g w i th N A G I O S (*) (*) Work in collaboration with P. Lo Re, G. S av a and G. T ortone WP3-I CHEP 2000, N F N 10.02.2000 M e e t i n g, N a p l e s, 29.1 1.20 0 2 R o b e r 1

More information

TRENDnetVIEW App (Android)

TRENDnetVIEW App (Android) Installation Ta p o n th e P la y S tore ico n to d o w n lo a d a n d in sta ll T R E N D n e tv IE W a p p. O n ce in sta lle d ta p the TRENDnetVIEW icon to open up the app. N ote : A n d ro id O S

More information

Models of Natural Language In modeling English (or another natural language) we ignore meaning and even grammar. That is, we ignore semantics.

Models of Natural Language In modeling English (or another natural language) we ignore meaning and even grammar. That is, we ignore semantics. Models of Natural Language In modeling English (or another natural language) we ignore meaning and even grammar. That is, we ignore semantics. Instead, we treat English as being the result of some random

More information

Hunting birds. Yuki Koike

Hunting birds. Yuki Koike Hunting birds Yuki Koike Abstract NADA Junior and Senior High School 8-5-1, Uozaki-Kitamachi, Higashinada-ku, Kobe-shi, Hyogo 658-0082, JAPAN poteticalbee@gmail.com Stack Smashing Protection (SSP) is one

More information

pavlix@pavlix.net pavlix@pavlix.net

pavlix@pavlix.net pavlix@pavlix.net Evolution of Linux network management InstallFest 2013, Praha http://data.pavlix.net/installfest/2013/ 1/12 From: Dan Williams To: networkmanager-list gnome org Subject: ANN: released

More information

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence This document reports CEU (continuing education units) and CCU (continuing competence units) requirements for renewal. It describes: Number of CEUs/CCUs required for renewal Who approves continuing education

More information

Electron Configuration Activity

Electron Configuration Activity Electron Configuration Activity Purpose To find the relationship between electron configuration and organization of the periodic table. Materials Paper copy of the periodic table colored pencils or markers

More information

He Will Hold Me Fast (When I Fear My Faith Will Fail)

He Will Hold Me Fast (When I Fear My Faith Will Fail) ? 9? 1? Full Hope (h = 66) (v:fm7) 1. When. Those. (v:fm7) Till When Pre ust? I ll I cious ice could not Raed ith Bought by / love Him faith fear saves life tempt / nev let Him at are /C faith H bled /C

More information

PERIODIC TABLES: I. Directory, II. Traditional, III. Vertical, IV. Toxicity (LD 50 values), V. Native (elemental form)

PERIODIC TABLES: I. Directory, II. Traditional, III. Vertical, IV. Toxicity (LD 50 values), V. Native (elemental form) PERIODIC TABLES: I. Directory, II. Traditional, III. Vertical, IV. Toxicity (LD 50 values), V. Native (elemental form) Site developed by Steve Murov, Professor Emeritus of Chemistry, Modesto Junior College,

More information

FORT WAYNE COMMUNITY SCHOOLS 12 00 SOUTH CLINTON STREET FORT WAYNE, IN 468 02 6:02 p.m. Ma r c h 2 3, 2 015 OFFICIAL P ROCEED ING S Ro l l Ca l l e a r d o f h o o l u e e o f t h e r t y m m u t y h o

More information

Canta, canta, canta. "Do" - Female Voice Level II. œ Œ. œ J œ œ. j œ œ œ # # j œ. . j œ. œ. > œ. œ. œ. œ. > j œ. j > œ. œ. > Û Û J.

Canta, canta, canta. Do - Female Voice Level II. œ Œ. œ J œ œ. j œ œ œ # # j œ. . j œ. œ. > œ. œ. œ. œ. > j œ. j > œ. œ. > Û Û J. for Southwestern ollege Mariachis anta, canta, canta "Do" - emale Voice ose lfredo imenez arr eff Nevin Vln 1 Ranchera Polkeada q» º pizz arco Vln pizz arco Tpt 1 Tpt rm ao eff Nevin, 001 Vln 1 1 Vln Tpt

More information

Online Department Stores. What are we searching for?

Online Department Stores. What are we searching for? Online Department Stores What are we searching for? 2 3 CONTENTS Table of contents 02 Table of contents 03 Search 06 Fashion vs. footwear 04 A few key pieces 08 About SimilarWeb Stepping up the Competition

More information

Application Note: Cisco A S A - Ce r t if ica t e T o S S L V P N Con n e ct ion P r of il e Overview: T h i s a p p l i ca ti o n n o te e x p l a i n s h o w to co n f i g u r e th e A S A to a cco m

More information

Missa Brevis. ,!7JA6G1-aeagdh! Wolfgang Plagge [opus 107] for male quartet durata 8:00. composed 2002 version

Missa Brevis. ,!7JA6G1-aeagdh! Wolfgang Plagge [opus 107] for male quartet durata 8:00. composed 2002 version Contents Missa revis Wolfgang Plagge [opus 107] 1 1. KYRIE 3 2. GLORIA 7 www.2l.no 16 Missa revis Wolfgang Plagge [opus 107] for male quartet durata 8:00 composed 2002 version 15.05.2003 M-66104-063-7,!7JA6G1-aeagdh!

More information

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Continuing Competence This document reports CEU requirements for renewal. It describes: Number of required for renewal Who approves continuing education Required courses for renewal Which jurisdictions require active practice

More information

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security

UNIK4250 Security in Distributed Systems University of Oslo Spring 2012. Part 7 Wireless Network Security UNIK4250 Security in Distributed Systems University of Oslo Spring 2012 Part 7 Wireless Network Security IEEE 802.11 IEEE 802 committee for LAN standards IEEE 802.11 formed in 1990 s charter to develop

More information

i n g S e c u r it y 3 1B# ; u r w e b a p p li c a tio n s f r o m ha c ke r s w ith t his å ] í d : L : g u id e Scanned by CamScanner

i n g S e c u r it y 3 1B# ; u r w e b a p p li c a tio n s f r o m ha c ke r s w ith t his å ] í d : L : g u id e Scanned by CamScanner í d : r ' " B o m m 1 E x p e r i e n c e L : i i n g S e c u r it y. 1-1B# ; u r w e b a p p li c a tio n s f r o m ha c ke r s w ith t his g u id e å ] - ew i c h P e t e r M u la e n PACKT ' TAÞ$Æo

More information

ni - do_in che la mia fe - ni - ce

ni - do_in che la mia fe - ni - ce anto = h É questo l ni in che la mia fenice Oratio igrini 792, no. 8 É que - sto_ l ni - _in che la mia fe - ni - ce Mi - se l au - ra - te_et Sesto lto Quinto In che la mia fe - ni - ce Mi - se l au -

More information

Martin Gregor. 7. června 2016

Martin Gregor. 7. června 2016 Co (nového) Vás čeká na IES? Malá ochutnávka z naší kuchyně nejen pro přijaté studenty Institut ekonomických studíı FSV UK 7. června 2016 Šance na přijetí Hlavním kritériem přijetí je kombinovaný NSZ percentil:

More information

The Periodic Table, Electron Configuration & Chemical Bonding. Lecture 7

The Periodic Table, Electron Configuration & Chemical Bonding. Lecture 7 The Periodic Table, Electron Configuration & Chemical Bonding Lecture 7 Electrons We will start to look at the periodic table by focusing on the information it gives about each element s electrons. How

More information

H ig h L e v e l O v e r v iew. S te p h a n M a rt in. S e n io r S y s te m A rc h i te ct

H ig h L e v e l O v e r v iew. S te p h a n M a rt in. S e n io r S y s te m A rc h i te ct H ig h L e v e l O v e r v iew S te p h a n M a rt in S e n io r S y s te m A rc h i te ct OPEN XCHANGE Architecture Overview A ge nda D es ig n G o als A rc h i te ct u re O ve rv i ew S c a l a b ili

More information

Eugene Tsyrklevich. Ozone HIPS: Unbreakable Windows

Eugene Tsyrklevich. Ozone HIPS: Unbreakable Windows Eugene Tsyrklevich Eugene Tsyrklevich has an extensive security background ranging from designing and implementing Host Intrusion Prevention Systems to training people in research, corporate, and military

More information

Prezentaci ukončíte stiskem klávesy ESC. GNU Emacs. Pavel Janík, CZLUG

Prezentaci ukončíte stiskem klávesy ESC. GNU Emacs. Pavel Janík, CZLUG Prezentaci ukončíte stiskem klávesy ESC. GNU Emacs Pavel Janík, CZLUG Editor nebo operační systém? Eight (eighty) megabytes and constantly swapping rozsáhlé možnosti jednoduché rozšiřování skvělá dokumentace

More information

Electronic Stability & Periodic Table

Electronic Stability & Periodic Table Electronic Stability & Periodic Table Things at higher energy are less stable!! All living things are dependent on their ability to acquire energy from unstable things! The compounds in the food you eat

More information

Chem 115 POGIL Worksheet - Week 4 Moles & Stoichiometry Answers

Chem 115 POGIL Worksheet - Week 4 Moles & Stoichiometry Answers Key Questions & Exercises Chem 115 POGIL Worksheet - Week 4 Moles & Stoichiometry Answers 1. The atomic weight of carbon is 12.0107 u, so a mole of carbon has a mass of 12.0107 g. Why doesn t a mole of

More information

Exploiting nginx chunked overflow bug, the undisclosed attack vector

Exploiting nginx chunked overflow bug, the undisclosed attack vector Exploiting nginx chunked overflow bug, the undisclosed attack vector Long Le longld@vnsecurity.net About VNSECURITY.NET CLGT CTF team 2 VNSECURITY.NET In this talk Nginx brief introduction Nginx chunked

More information

Gerd Behrmann CISS & Institut for Datalogi Aalborg Universitet. behrmann@cs.aau.dk

Gerd Behrmann CISS & Institut for Datalogi Aalborg Universitet. behrmann@cs.aau.dk Vaccine til mobilen Gerd Behrmann CISS & Institut for Datalogi Aalborg Universitet behrmann@cs.aau.dk Motivations Security Threats over Internet Complexity of Internet, Protocols and Applications are all

More information

C + + a G iriş 2. K o n tro l y a p ıla rı if/e ls e b re a k co n tin u e g o to sw itc h D ö n g ü le r w h ile d o -w h ile fo r

C + + a G iriş 2. K o n tro l y a p ıla rı if/e ls e b re a k co n tin u e g o to sw itc h D ö n g ü le r w h ile d o -w h ile fo r C + + a G iriş 2 K o n tro l y a p ıla rı if/e ls e b re a k co n tin u e g o to sw itc h D ö n g ü le r w h ile d o -w h ile fo r F o n k s iy o n la r N e d ir? N a s ıl k u lla n ılır? P ro to tip v

More information

Red Hat. www.redhat.com. By Karl Wirth

Red Hat. www.redhat.com. By Karl Wirth Red Hat Enterprise Linux 5 Security By Karl Wirth Abstract Red Hat Enterprise Linux has been designed by, and for, the most security-conscious organizations in the world. Accordingly, security has always

More information

Opis przedmiotu zamówienia - zakres czynności Usługi sprzątania obiektów Gdyńskiego Centrum Sportu

Opis przedmiotu zamówienia - zakres czynności Usługi sprzątania obiektów Gdyńskiego Centrum Sportu O p i s p r z e d m i o t u z a m ó w i e n i a - z a k r e s c z y n n o c i f U s ł u i s p r z» t a n i a o b i e k t ó w G d y s k i e C eo n t r u m S p o r t us I S t a d i o n p i ł k a r s k i

More information

CLASS TEST GRADE 11. PHYSICAL SCIENCES: CHEMISTRY Test 6: Chemical change

CLASS TEST GRADE 11. PHYSICAL SCIENCES: CHEMISTRY Test 6: Chemical change CLASS TEST GRADE PHYSICAL SCIENCES: CHEMISTRY Test 6: Chemical change MARKS: 45 TIME: hour INSTRUCTIONS AND INFORMATION. Answer ALL the questions. 2. You may use non-programmable calculators. 3. You may

More information

static void insecure (localhost *unix)

static void insecure (localhost *unix) static void insecure (localhost *unix) Eric Pancer epancer@infosec.depaul.edu Information Security Team DePaul University http://infosec.depaul.edu Securing UNIX Hosts from Local Attack p.1/32 Overview

More information

G d y n i a U s ł u g a r e j e s t r a c j i i p o m i a r u c z a s u u c z e s t n i k ó w i m p r e z s p o r t o w y c h G d y s k i e g o O r o d k a S p o r t u i R e k r e a c j i w r o k u 2 0

More information

A Comparison of Buffer Overflow Prevention Implementations and Weaknesses

A Comparison of Buffer Overflow Prevention Implementations and Weaknesses A Comparison of Buffer Overflow Prevention Implementations and Weaknesses Written by: Peter Silberman and Richard Johnson 1875 Campus Commons Dr. Suite 210 Reston, VA 20191 Toll Free: 877.516.2974 Main:

More information

NAAUSA Security Survey

NAAUSA Security Survey NAAUSA Security Survey 1. How would you rate the importance of each of the following AUSA security improvements. Very important Somewhat important Not too important Not at all important Secure parking

More information

«С e n tra l- A s ia n E le c tric - P o w e r C o rp o ra tio n», JS C

«С e n tra l- A s ia n E le c tric - P o w e r C o rp o ra tio n», JS C J o in t - s t o c k c o m p C E N T R A L - A S IA N E L E C T R IC P O W a n y E R C O R P O R A T IO N I n t e r n a l A u d i t P O L IC Y o f J o in t - S t o c k C o m p a n y C E N T R A L - A S

More information

SELinux and grsecurity: A Side-by-Side Comparison of Mandatory Access Control and Access Control List Implementations

SELinux and grsecurity: A Side-by-Side Comparison of Mandatory Access Control and Access Control List Implementations SELinux and grsecurity: A Side-by-Side Comparison of Mandatory Access Control and Access Control List Implementations Michael Fox, John Giordano, Lori Stotler, Arun Thomas {mrf4u, jcg8f, les7j, at4a}@cs.virginia.edu

More information

T e s t e xp re s s i o n B o d y o f i f E xi t F i g u re 1 - F l o w c h art o f th e i f s tate m M u l ti S tate m s i n th e i f B o d y : L ik

T e s t e xp re s s i o n B o d y o f i f E xi t F i g u re 1 - F l o w c h art o f th e i f s tate m M u l ti S tate m s i n th e i f B o d y : L ik MQL4 COURSE By Coders guru w w w. f orex -t sd. c om -6- Loops & Decisions Part 2 ---------------------------- We l c o m e t o t h e s ix t h l e s s o n in m y c o u r s e a b o u t M Q L 4. I h o pe

More information

U.S. Department of Housing and Urban Development: Weekly Progress Report on Recovery Act Spending

U.S. Department of Housing and Urban Development: Weekly Progress Report on Recovery Act Spending U.S. Department of Housing and Urban Development: Weekly Progress Report on Recovery Act Spending by State and Program Report as of 3/7/2011 5:40:51 PM HUD's Weekly Recovery Act Progress Report: AK Grants

More information

The Periodic Table of the Elements. The Periodic Table of the Elements QUIZ THURSDAY Oct 20

The Periodic Table of the Elements. The Periodic Table of the Elements QUIZ THURSDAY Oct 20 The Periodic Table of the Elements 1 18 1 2 H 2 13 14 15 16 17 He 1.0079 4.0026 3 4 5 6 7 8 9 10 Li Be B C N O F Ne 6.941 9.01218 10.811 12.011 14.0067 15.9994 18.9984 20.1797 11 12 13 14 15 16 17 18 Na

More information

Software Vulnerabilities

Software Vulnerabilities Software Vulnerabilities -- stack overflow Code based security Code based security discusses typical vulnerabilities made by programmers that can be exploited by miscreants Implementing safe software in

More information

Betriebssysteme KU Security

Betriebssysteme KU Security Betriebssysteme KU Security IAIK Graz University of Technology 1 1. Drivers 2. Security - The simple stuff 3. Code injection attacks 4. Side-channel attacks 2 1. Drivers 2. Security - The simple stuff

More information

Embedded Linux development with Buildroot training 3-day session

Embedded Linux development with Buildroot training 3-day session Embedded Linux development with training 3-day session Title Overview Duration Trainer Language Audience Embedded Linux development with training Introduction to Managing and building the configuration

More information

Table 12: Availability Of Workers Compensation Insurance Through Homeowner s Insurance By Jurisdiction

Table 12: Availability Of Workers Compensation Insurance Through Homeowner s Insurance By Jurisdiction AL No 2 Yes No See footnote 2. AK No Yes No N/A AZ Yes Yes Yes No specific coverage or rate information available. AR No Yes No N/A CA Yes No No Section 11590 of the CA State Insurance Code mandates the

More information

Unit 16 : Software Development Standards O b jec t ive T o p r o v id e a gu ide on ho w t o ac h iev e so f t wa r e p r o cess improvement through the use of software and systems engineering standards.

More information

The Lincoln National Life Insurance Company Variable Life Portfolio

The Lincoln National Life Insurance Company Variable Life Portfolio The Lincoln National Life Insurance Company Variable Life Portfolio State Availability as of 12/14/2015 PRODUCTS AL AK AZ AR CA CO CT DE DC FL GA GU HI ID IL IN IA KS KY LA ME MP MD MA MI MN MS MO MT NE

More information

Topic 3 Periodic Trends

Topic 3 Periodic Trends Topic 3 Periodic Trends Chapter 06 Trends on the Periodic Table Chapter 07 Relationships between the elements CHEM 10 T03D01 How are elements arranged Prior to 1735, only 12 elements were known to man

More information

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Licensure Endorsement

Federation of State Boards of Physical Therapy Jurisdiction Licensure Reference Guide Topic: Licensure Endorsement The table below lists the licensure requirements for already-licensed PTs and PTAs applying for licensure in another jurisdiction. Summary Number of jurisdictions requiring license from: license was ever

More information

All answers must use the correct number of significant figures, and must show units!

All answers must use the correct number of significant figures, and must show units! CHEM 10113, Quiz 2 September 7, 2011 Name (please print) All answers must use the correct number of significant figures, and must show units! IA Periodic Table of the Elements VIIIA (1) (18) 1 2 1 H IIA

More information

Light-Weight and Resource Efficient OS-Level Virtualization Herbert Pötzl

Light-Weight and Resource Efficient OS-Level Virtualization Herbert Pötzl Light-Weight and Resource Efficient OS-Level Virtualization 1 Introduction Computers have become sufficiently powerful to use virtualization to create the illusion of many smaller virtual machines, each

More information

...e SELinux fosse più sicuro?...and if Linux was more secure? (Play on words with the Italian language)

...e SELinux fosse più sicuro?...and if Linux was more secure? (Play on words with the Italian language) ...e SELinux fosse più sicuro?...and if Linux was more secure? (Play on words with the Italian language) Marco Pizzoli IMOLUG: Imola e Faenza Linux Users Group www.imolug.org 1 About the speaker... System

More information

Red Hat Enterprise Linux for zseries, S/390: Extending Linux throughout the Datacenter

Red Hat Enterprise Linux for zseries, S/390: Extending Linux throughout the Datacenter Red Hat Enterprise Linux for zseries, S/390: Extending Linux throughout the Datacenter SHARE August 2004 Session 9283 Mike Ferris Enterprise OS Product Manager What Does Red Hat Do? From an engineering

More information

umps software development

umps software development Laboratorio di Sistemi Operativi Anno Accademico 2006-2007 Software Development with umps Part 2 Mauro Morsiani Software development with umps architecture: Assembly language development is cumbersome:

More information

Laboratorio di Sistemi Operativi Anno Accademico 2009-2010

Laboratorio di Sistemi Operativi Anno Accademico 2009-2010 Laboratorio di Sistemi Operativi Anno Accademico 2009-2010 Software Development with umps Part 2 Mauro Morsiani Copyright Permission is granted to copy, distribute and/or modify this document under the

More information

S e w i n g m a c h i n e s for but t - seams. - c o m p l e t e b r o c h u r e -

S e w i n g m a c h i n e s for but t - seams. - c o m p l e t e b r o c h u r e - S e w i n g m a c h i n e s for but t - seams - c o m p l e t e b r o c h u r e - D o h l e s e w i n g m a c h i n e s f o r b u t t - s e a m s Head Office D o h l e m a n u f a c t u re b u t t s e

More information

Odhad - Outlook 7800 KB/den/uživatele, tedy: (100 už. x 7800 KB x 8 b) / (8 h x 3600 s) = 216 Kbps Odhad Ve špičce - OWA 432 Kbps 36 330

Odhad - Outlook 7800 KB/den/uživatele, tedy: (100 už. x 7800 KB x 8 b) / (8 h x 3600 s) = 216 Kbps Odhad Ve špičce - OWA 432 Kbps 36 330 Odhad - Outlook 7800 KB/den/uživatele, tedy: (100 už. x 7800 KB x 8 b) / (8 h x 3600 s) = 216 Kbps Odhad Ve špičce - OWA 432 Kbps 36 330 KB/den/uživatele, tedy: (100 už. x 36 330 KB x 8 b) / (8 h x 3600

More information

CHEM 10113, Quiz 7 December 7, 2011

CHEM 10113, Quiz 7 December 7, 2011 CHEM 10113, Quiz 7 December 7, 2011 Name (please print) All equations must be balanced and show phases for full credit. Significant figures count, show charges as appropriate, and please box your answers!

More information

Computer Security CS 426. CS426 Fall 2010/Lecture 40 1

Computer Security CS 426. CS426 Fall 2010/Lecture 40 1 Computer Security CS 426 Review for Final Exam CS426 Fall 2010/Lecture 40 1 Basic Concepts Confidentiality Integrity Availability Authenticity Integrity (in communications) Non-repudiation Privacy (general

More information

T h is do c u m e nt r e f e r s to F a st E th e r C h a nne l, G ig a b it E th e r C h a nne l, p o r t c h a nne l a nd p o r t g r o u p w ith a

T h is do c u m e nt r e f e r s to F a st E th e r C h a nne l, G ig a b it E th e r C h a nne l, p o r t c h a nne l a nd p o r t g r o u p w ith a Understanding L ay er 3 Eth erch annel S u p p o rt o n th e Cisc o I ntegrated S erv ic es R o u ter T h e p u r p o se o f th is do c u m e nt is to e x p l a in C isc o Inte g r a te d S e r v ic e

More information

online magazine first edition 2009 berkeley club of france - online magazine - first edition 2009 berkeley club of france

online magazine first edition 2009 berkeley club of france - online magazine - first edition 2009 berkeley club of france berkeley club of france - online magazine - first edition 2009 online magazine first edition 2009 berkeley club of france in this issue... The BCF Online Magazine Published by the Berkeley Club of France

More information

Přednášející... Kamil Juřík. kamil.jurik@prosharepoint.cz. Lead Consultant & Platform Architect

Přednášející... Kamil Juřík. kamil.jurik@prosharepoint.cz. Lead Consultant & Platform Architect Přednášející... Kamil Juřík Lead Consultant & Platform Architect kamil.jurik@prosharepoint.cz Microsoft Most Valuable Professional: SharePoint Server Microsoft Certified Trainer Microsoft Certified IT

More information

Use Cases for Docker in Enterprise Linux Environment CloudOpen North America, 2014 Linda Wang Sr. Software Engineering Manager Red Hat, Inc.

Use Cases for Docker in Enterprise Linux Environment CloudOpen North America, 2014 Linda Wang Sr. Software Engineering Manager Red Hat, Inc. Use Cases for Docker in Enterprise Linux Environment CloudOpen North America, 2014 Linda Wang Sr. Software Engineering Manager Red Hat, Inc. 1 2 Containerize! 3 Use Cases for Docker in the Enterprise Linux

More information

Như ng kiê n thư c câ n biê t vê giâ y phe p cư tru điê n tư (eat)

Như ng kiê n thư c câ n biê t vê giâ y phe p cư tru điê n tư (eat) Như ng kiê n thư c câ n biê t vê giâ y phe p cư tru điê n tư (eat) www.bamf.de/eaufenthaltstitel Mu c lu c Mu c lu c 1 Giâ y phe p cư tru điê n tư 5 2 Tâ m a nh va ca c dâ u ngo n tay 7 3 Ca c qui đi

More information

WLA-5000AP. Quick Setup Guide. English. Slovensky. Česky. 802.11a/b/g Multi-function Wireless Access Point

WLA-5000AP. Quick Setup Guide. English. Slovensky. Česky. 802.11a/b/g Multi-function Wireless Access Point 802.11a/b/g Multi-function Wireless Access Point Quick Setup Guide 1 5 Česky 9 Important Information The AP+WDS mode s default IP address is 192.168.1.1 The Client mode s default IP is 192.168.1.2 The

More information

3.01 Elements, Symbols and Periodic Table

3.01 Elements, Symbols and Periodic Table .0 Elements, Symbols and Periodic Table Dr. Fred O. Garces Chemistry 00 Miramar College.0 Elements, symbols and the Periodic Table January 0 The Elements: Building block of Matter The periodic table of

More information

U S B Pay m e n t P r o c e s s i n g TM

U S B Pay m e n t P r o c e s s i n g TM U S B Pay m e n t P r o c e s s i n g T h a t s S m a r t P r o c e s s i n g TM USB was simple to enroll in. They had competitive rates and all the fees were listed clearly with no surprises. Everyone

More information