DOCSLIB.ORG

Archived NIST Technical Series Publication

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Archived NIST Technical Series Publication Archived NIST Technical Series Publication The attached publication has been archived (withdrawn), and is provided solely for historical purposes. It may have been superseded by another publication (indicated below). Archived Publication Series/Number: NIST Special Publication 800-40 Title: Procedures for Handling Security Patches Publication Date(s): August 2002 Withdrawal Date: November 2005 Withdrawal Note: SP 800-40 is superseded in its entirety by the publication of SP 800-40 Version 2.0 (November 2005). Superseding Publication(s) The attached publication has been superseded by the following publication(s): Series/Number: NIST Special Publication 800-40 Version 2.0 Title: Creating a Patch and Vulnerability Management Program Author(s): Peter Mell, Tiffany Bergeron, David Henning Publication Date(s): November 2005 URL/DOI: http://dx.doi.org/10.6028/NIST.SP.800-40ver2 Additional Information (if applicable) Contact: Computer Security Division (Information Technology Lab) Latest revision of the SP 800-40 Revision 3 (as of August 7, 2015) attached publication: Related information: http://csrc.nist.gov/ Withdrawal SP 800-40 Version 2 provides basic guidance on establishing patch announcement (link): management programs, and guidance to organizations with legacy needs. Date updated: ƵŐƵƐƚϳ, 2015 NIST Special Publication 800-40 Procedures for Handling Security Patches Recommendations of the National Institute of Standards and Technology Peter Mell and Miles C. Tracy NIST Special Publication 800-40 Procedures for Handling Security Patches Recommendations of the National Institute of Standards and Technology Peter Mell and Miles C. Tracy C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 August 2002 U.S. Department of Commerce Donald L. Evans, Secretary Technology Administration Phillip J. Bond, Under Secretary for Technology National Institute of Standards and Technology Arden L. Bement, Jr., Director ii Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-40 Natl. Inst. Stand. Technol. Spec. Publ. 800-40, xx pages (Mon. 2002) CODEN: XXXXX Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsem ent by the National Institute of Standards and Technology, nor is it intended to imply that the entities, materials, or equipment are necessarily the best av ailable for the purpose. U.S. GOVERNMENT PRINTING OFFICE WASHINGTON: 2002 For sale by the Superintendent of Documents, U.S. Government Printing Office Internet: bookstore.gpo.gov — Phone: (202) 512-1800 — Fax: (202) 512-2250 Mail: Stop SSOP, Washington, DC 20402-0001 iii Executive Summary Timely patching is critical to maintain the operational availability, confidentiality, and integrity of information technology (IT) systems. However, failure to keep operating system and application software patched is the most common mistake made by IT professionals. New patches are released daily, and it is often difficult for even experienced system administrators to keep abreast of all the new patches. Vulnerabilities are weaknesses in software that can be exploited by a malicious entity to gain greater access and/or permission than it is authorized to have on a computer. Not all vulnerabilities have related patches; thus, system administrators must not only be aware of vulnerabilities and patches, but also mitigate “unpatched” vulnerabilities through other methods (e.g. workarounds, firewalls, and router access control lists). To help address this growing problem, we recommend that organizations have an explicit and documented patching and vulnerability policy and a systematic, accountable, and documented process for handling patches. This document provides principles and methodologies for accomplishing this. One of several possible techniques is through the creation of a patch and vulnerability group (PVG). This group would facilitate the identification and distribution of patches within the organization. Its duties should include: 1. Creating an organizational hardware and software inventory 2. Identifying newly discovered vulnerabilities and security patches 3. Prioritizing patch application 4. Creating an organization-specific patch database 5. Testing patches for functionality and security (to the degree that resources allow) 6. Distributing patch and vulnerability information to local administrators 7. Verifying patch installation through network and host vulnerability scanning 8. Training system administrators in the use of vulnerability databases 9. Deploying patches automatically (when applicable) 10. Configure Automatic Update of Applications (when applicable). If organizations use the PVG approach, this would not diminish the responsibility of all systems administrators to patch the systems under their control. Each systems administrator would: 1. Apply patches identified by the PVG 2. Test patches on the specific target systems 3. Identify patches and vulnerabilities associated with software not monitored by the PVG Besides creating a PVG, organizations should be aware that applying patches and mitigating vulnerabilities is not always a straightforward process. To help with this, our document covers areas such as prioritizing patches, obtaining patches, testing patches, and applying patches. iv Acknowledgements The authors, Peter Mell of NIST and Miles Tracy of Booz Allen Hamilton (BAH) wish to express their thanks to Timothy Grance, John Wack, and Murugiah Souppaya of NIST and Alexis Feringa, Jennifer Tracy, Jonathan Holleran, Mark McLarnon, and Brian Kim of BAH for their research, technical support, and written contributions to this document. The authors would also like to express their thanks to all those who contributed input during the public comment period. v Applying Security Patches – Draft 3.0– 06/06/2002 Table of Contents 1. INTRODUCTION ............................................................................................................ 1 1.1 AUTHORITY ...................................................................................................................... 2 1.2 PURPOSE AND SCOPE........................................................................................................ 2 1.3 OBJECTIVE ........................................................................................................................ 3 1.4 AUDIENCE AND ASSUMPTIONS......................................................................................... 3 1.5 DOCUMENT STRUCTURE .................................................................................................. 3 2. CREATING AND IMPLEMENTING A PATCHING PROCESS.......................... 5 2.1 THE PATCH AND VULNERABILITY GROUP....................................................................... 5 2.2 SYSTEMS ADMINISTRATOR PATCHING RESPONSIBILITIES .............................................. 8 3. IDENTIFYING VULNERABILITIES AND APPLICABLE PATCHES ............ 10 3.1 VENDOR WEBSITES AND MAILING LISTS ...................................................................... 11 3.2 THIRD-PARTY WEBSITES ............................................................................................... 12 3.3 THIRD-PARTY MAILING LISTS AND NEWSGROUPS ....................................................... 13 3.4 VULNERABILITY SCANNERS........................................................................................... 14 3.5 VULNERABILITY DATABASES ........................................................................................ 16 3.6 OTHER NOTIFICATION TOOLS ........................................................................................ 17 4. GOVERNMENT VULNERABILITY IDENTIFICATION RESOURCES......... 19 4.1 CVE VULNERABILITY LIST............................................................................................ 19 4.2 NIST ICAT VULNERABILITY INDEX ............................................................................. 20 4.3 NATIONAL INFRASTRUCTURE PROTECTION CENTER .................................................... 21 4.4 CERT/CC....................................................................................................................... 23 4.5 FEDERAL COMPUTER INCIDENT RESPONSE CENTER (FEDCIRC)................................. 24 5. PATCHING PROCEDURES ....................................................................................... 26 5.1 PATCHING PRIORITIES ...................................................................................................
Load more

Recommended publications
  • Linux on the Road
    Linux on the Road Linux with Laptops, Notebooks, PDAs, Mobile Phones and Other Portable Devices Werner Heuser <wehe[AT]tuxmobil.org> Linux Mobile Edition Edition Version 3.22 TuxMobil Berlin Copyright © 2000-2011 Werner Heuser 2011-12-12 Revision History Revision 3.22 2011-12-12 Revised by: wh The address of the opensuse-mobile mailing list has been added, a section power management for graphics cards has been added, a short description of Intel's LinuxPowerTop project has been added, all references to Suspend2 have been changed to TuxOnIce, links to OpenSync and Funambol syncronization packages have been added, some notes about SSDs have been added, many URLs have been checked and some minor improvements have been made. Revision 3.21 2005-11-14 Revised by: wh Some more typos have been fixed. Revision 3.20 2005-11-14 Revised by: wh Some typos have been fixed. Revision 3.19 2005-11-14 Revised by: wh A link to keytouch has been added, minor changes have been made. Revision 3.18 2005-10-10 Revised by: wh Some URLs have been updated, spelling has been corrected, minor changes have been made. Revision 3.17.1 2005-09-28 Revised by: sh A technical and a language review have been performed by Sebastian Henschel. Numerous bugs have been fixed and many URLs have been updated. Revision 3.17 2005-08-28 Revised by: wh Some more tools added to external monitor/projector section, link to Zaurus Development with Damn Small Linux added to cross-compile section, some additions about acoustic management for hard disks added, references to X.org added to X11 sections, link to laptop-mode-tools added, some URLs updated, spelling cleaned, minor changes.
    [Show full text]
  • Administración Servidores Linux Paso a Paso
    1 Facultad de Ingeniería Mecánica – Universidad Nacional de Ingeniería Administración Servidores Linux Paso a Paso Configuración Servidor Multifunción + Vmware Server 2 (Ver. 1.3) Universidad Nacional de Ingeniería – Facultad de Ingeniería Mecánica - INFOUNI Centro de Cómputo INFOUNI 2 Facultad de Ingeniería Mecánica – Universidad Nacional de Ingeniería Administración Servidores Linux Paso a Paso L. Muga Linux Registered User # 487284 Versión 1.3 Software: Debian 4 Linux, Debian 5 Linux, VMware Server 2.0. Bajo Licencia Creative Commons: Reconocimiento - No comercial 2.5 Perú Usted es libre de: Copiar, Distribuir, Comunicar públicamente la obra y realizar Obras Derivadas bajo las condiciones siguientes: Reconocimiento: Debe reconocer los créditos de la obra de la manera especificada por el autor o licenciante. No comercial: No puede utilizar esta obra para fines comerciales. Alguna de estas condiciones puede no aplicarse si se obtiene el permiso del titular de los derechos de autor. Nada en esta licencia menoscaba o restringe los derechos morales del autor. Windows XP, el logotipo de Windows y VMware son marcas registradas de Microsoft Corporation y VMware Inc. Composición: OpenOffice Versiones: Versión 1.3 : Revisión ortográfica, edición de capítulos anteriores, publicación de capítulo 18 Versión 1.2 : Revisión ortográfica, edición de capítulos anteriores, publicación de capítulos 15, 16 y 17. Versión 1.1 : Revisión ortográfica, publicación de capítulo 14. Versión 1.0 : Publicación del manual. Puede encontrar la última versión del manual en la siguiente dirección: http://issuu.com/nemesisx666. Centro de Cómputo INFOUNI 3 Facultad de Ingeniería Mecánica – Universidad Nacional de Ingeniería Indice General 1. Instalación y configuración de un servidor multifunción 5 1.1 Requisitos de hardware 1.2 Instalando Debian Etch y Actualización a Lenny 1.3 Instalando Debian Lenny 1.4 Antes de empezar 1.5 Configuración de red 1.6 Configuración básica de repositorios 1.7 Instalación de paquetes 1.8 Paquetes para el desarrollo del manual 2.
    [Show full text]
  • Debian \ Amber \ Arco-Debian \ Arc-Live \ Aslinux \ Beatrix
    Debian \ Amber \ Arco-Debian \ Arc-Live \ ASLinux \ BeatriX \ BlackRhino \ BlankON \ Bluewall \ BOSS \ Canaima \ Clonezilla Live \ Conducit \ Corel \ Xandros \ DeadCD \ Olive \ DeMuDi \ \ 64Studio (64 Studio) \ DoudouLinux \ DRBL \ Elive \ Epidemic \ Estrella Roja \ Euronode \ GALPon MiniNo \ Gibraltar \ GNUGuitarINUX \ gnuLiNex \ \ Lihuen \ grml \ Guadalinex \ Impi \ Inquisitor \ Linux Mint Debian \ LliureX \ K-DEMar \ kademar \ Knoppix \ \ B2D \ \ Bioknoppix \ \ Damn Small Linux \ \ \ Hikarunix \ \ \ DSL-N \ \ \ Damn Vulnerable Linux \ \ Danix \ \ Feather \ \ INSERT \ \ Joatha \ \ Kaella \ \ Kanotix \ \ \ Auditor Security Linux \ \ \ Backtrack \ \ \ Parsix \ \ Kurumin \ \ \ Dizinha \ \ \ \ NeoDizinha \ \ \ \ Patinho Faminto \ \ \ Kalango \ \ \ Poseidon \ \ MAX \ \ Medialinux \ \ Mediainlinux \ \ ArtistX \ \ Morphix \ \ \ Aquamorph \ \ \ Dreamlinux \ \ \ Hiwix \ \ \ Hiweed \ \ \ \ Deepin \ \ \ ZoneCD \ \ Musix \ \ ParallelKnoppix \ \ Quantian \ \ Shabdix \ \ Symphony OS \ \ Whoppix \ \ WHAX \ LEAF \ Libranet \ Librassoc \ Lindows \ Linspire \ \ Freespire \ Liquid Lemur \ Matriux \ MEPIS \ SimplyMEPIS \ \ antiX \ \ \ Swift \ Metamorphose \ miniwoody \ Bonzai \ MoLinux \ \ Tirwal \ NepaLinux \ Nova \ Omoikane (Arma) \ OpenMediaVault \ OS2005 \ Maemo \ Meego Harmattan \ PelicanHPC \ Progeny \ Progress \ Proxmox \ PureOS \ Red Ribbon \ Resulinux \ Rxart \ SalineOS \ Semplice \ sidux \ aptosid \ \ siduction \ Skolelinux \ Snowlinux \ srvRX live \ Storm \ Tails \ ThinClientOS \ Trisquel \ Tuquito \ Ubuntu \ \ A/V \ \ AV \ \ Airinux \ \ Arabian
    [Show full text]
  • TECHNOLOGIE INFORMACYJNE D DISTRIBUTION STATEMENT * Approved for Public Release Distribution Unlimited
    ZESZYTY NAUKOWE WYDZIAtU ETI POLITECHNIKI GDANSKIEJ TECHNOLOGIE INFORMACYJNE D DISTRIBUTION STATEMENT * Approved for Public Release Distribution Unlimited NR3 >- oQ. o LLI -I CQ 1 H CO UJ CQ 1904 1945 2004/2005 JUBILEUSZ POLITECHNIKI W GDANSKU REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188), Washington, DC 20503. 1. AGENCY USE ONLY (Leave blank) 2. REPORT DATE 3. REPORT TYPE AND DATES COVERED 23 August 2004 Conference Proceedings, 18 May 2004 4. TITLE AND SUBTITLE 5. FUNDING NUMBERS 2nd Conference on Information Technology / Special Session on Homeland Security, Volume 3 FA8655-04-1-5047 6. AUTHOR(S) Conference Committee 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. Performing Organization Report Number Gdansk University of Technology ul. Gabriela Narutowicza 11/12 80-952 Gdansk 80-952 Poland 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES 10. SPONSORING/MONITORING AGENCY REPORT NUMBER EOARD PSC 802 Box 14 CSP 04-5047 FPO 09499-0014 11. SUPPLEMENTARY NOTES Volume 3, ISBN 83-917681-5-5 Copyright 2004 Wydzial ETI Politechniki Gdanskiej Gdansk.
    [Show full text]
  • Knowing Knoppix/Print Version - Wikibooks, Open Books for an Open World
    Knowing Knoppix/Print version - Wikibooks, open books for an open world Knowing Knoppix/Print version Knowing Knoppix The current, editable version of this book is available in Wikibooks, the open-content textbooks collection, at http://en.wikibooks.org/wiki/Knowing_Knoppix Permission is granted to copy, distribute, and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 3.0 License. Contents 1 Introducing Knoppix 1.1 Introducing Knoppix 1.1.1 What is Knoppix? 1.1.1.1 Linux that runs from CD 1.1.1.2 Can be installed on a Hard Disk or a USB key 1.1.1.3 How it works 1.1.1.4 Safe to run 1.1.1.5 Personal 1.1.1.6 Free 1.1.2 What you can do with Knoppix 1.1.2.1 Learn Linux 1.1.2.2 Rescue and test 1.1.2.3 Use and explore 1.1.2.4 Network 1.1.3 Where Knoppix comes from 1.1.4 Knoppix is Free Software 1.1.5 Limitations 1.1.5.1 No warranty 1.1.5.2 CD means slow 1.1.5.3 Not everything works 1 von 71 Knowing Knoppix/Print version - Wikibooks, open books for an open world 1.1.5.4 RAM intensive 1.1.6 What is included in Knoppix? 1.1.7 What is Linux? 1.1.7.1 A little history 1.1.7.1.1 How GNU grew 1.1.7.1.2 It's a GNU world! 2 Knoppix for the first time 2.1 Knoppix for the first time 2.1.1 Overview 2.1.2 Hardware requirements 2.1.3 Starting Knoppix 2.1.3.1 The first stage 2.1.3.2 The second stage 2.1.4 The first stage 2.1.4.1 Getting to the boot prompt 2.1.4.2 Help at the boot prompt 2.1.4.2.1 Quick help 2.1.5 The second stage 2.1.5.1 Starting Knoppix proper 2.1.5.2 Which keyboard/language? 2.1.5.3 Automatic hardware detection
    [Show full text]
  • GNU/Linux Distro Timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A
    1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 Libranet Omoikane (Arma) Gibraltar GNU/Linux distro timeline LEAF Version 10.9 Skolelinux Lindows Linspire Authors: A. Lundqvist, D. Rodic - futurist.se/gldt Freespire Published under the GNU Free Documentation License MEPIS SimplyMEPIS Impi Guadalinex Clonezilla Live Edubuntu Xubuntu gNewSense Geubuntu OpenGEU Fluxbuntu Eeebuntu Aurora OS Zebuntu ZevenOS Maryan Qimo wattOS Element Jolicloud Ubuntu Netrunner Ylmf Lubuntu eBox Zentyal Ubuntu eee Easy Peasy CrunchBang gOS Kiwi Ubuntulite U-lite Linux Mint nUbuntu Kubuntu Ulteo MoLinux BlankOn Elive OS2005 Maemo Epidemic sidux PelicanHPC Inquisitor Canaima Debian Metamorphose Estrella Roja BOSS PureOS NepaLinux Tuquito Trisquel Resulinux BeatriX grml DeadCD Olive Bluewall ASLinux gnuLiNex DeMuDi Progeny Quantian DSL-N Damn Small Linux Hikarunix Damn Vulnerable Linux Danix Parsix Kanotix Auditor Security Linux Backtrack Bioknoppix Whoppix WHAX Symphony OS Knoppix Musix ParallelKnoppix Kaella Shabdix Feather KnoppMyth Aquamorph Dreamlinux Morphix ZoneCD Hiwix Hiweed Deepin Kalango Kurumin Poseidon Dizinha NeoDizinha Patinho Faminto Finnix Storm Corel Xandros Moblin MeeGo Bogus Trans-Ameritech Android Mini Monkey Tinfoil Hat Tiny Core Yggdrasil Linux Universe Midori Quirky TAMU DILINUX DOSLINUX Mamona Craftworks BluePoint Yoper MCC Interim Pardus Xdenu EnGarde Puppy Macpup SmoothWall GPL SmoothWall Express IPCop IPFire Beehive Paldo Source Mage Sorcerer Lunar eIT easyLinux GoboLinux GeeXboX Dragora
    [Show full text]
  • Linux Utilisation-Distributions-Linux
    Les distributions Par son mode de diffusion particulier, Linux est parfois déroutant. En effet, on ne se procure jamais le système Linux mais un système Linux. Chacun est libre d’assembler son propre système Linux et de le distribuer, gratuitement ou non. Il est même possible de prendre une distribution existante, d’en changer le nom, et de la redistribuer ainsi… Exemple de distributions disponibles: AbulÉdu, Adamantix, ADIOS, Admelix, Archie, ALT, Amber, AnNyung, ANTEMIUM, APODIO, Arabian, Arch, Ark, AsianLinux, Asianux, ASLinux, ASPLinux, Astaro, Asterisk@Home, Athene, ATmission, Auditor, Aurora, Aurox, AUSTRUMI, Hubworx, B2D, Bayanihan, BeatrIX, Berry, BIG LINUX, BioBrew, Bioknoppix, blackPanther, BLAG, Blin, Buffalo, Caixa Mágica, cAos, Càtix, CCux, CDlinux, Censornet, CentOS, ClarkConnect, Clusterix, clusterKNOPPIX, Condorux, Conectiva, Cosix, CRUX, Damn Small, Danix, DARKSTAR, DeadCD, Debian, Deep-Water, Defender, DeLi, AGNULA, DesktopBSD, Devil, Dizinha, DNALinux, DragonFly, P!tux, dyne:bolic, Eadem, Edubuntu, eduKnoppix, EduLinux, Ehad, eLearnix, Elive, ELX, EnGarde, ERPOSS, SME Server, ESware, Evinux, EzPlanet One, FAMELIX, Feather, Featherweight, Fedora, Fermi, Flash, Flonix, Foresight, FoRK, FoX Desktop, FreeBSD, Freedows, Freeduc, Freeduc-Sup, FreeSBIE, Frenzy, Frugalware, FTOSX, GeeXboX, Gelecek, Gentoo, GentooTH, Gentoox, GEOLivre, Gibraltar, GNIX, Gnoppix, gNOX, GNUstep, GobLinX, GoboLinux, grml, Guadalinex, GuLIC-BSD, h3knix, Haansoft, Hancom, Helix, Hikarunix, Hiweed, HKLPG, Holon, Honeywall, iBox, IDMS, Ignalum, Impi,
    [Show full text]
  • O'reilly Knoppix Hacks (2Nd Edition).Pdf
    SECOND EDITION KNOPPIX HACKSTM Kyle Rankin Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Knoppix Hacks,™ Second Edition by Kyle Rankin Copyright © 2008 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Editor: Brian Jepson Cover Designer: Karen Montgomery Production Editor: Adam Witwer Interior Designer: David Futato Production Services: Octal Publishing, Inc. Illustrators: Robert Romano and Jessamyn Read Printing History: October 2004: First Edition. November 2007: Second Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. The Hacks series designations, Knoppix Hacks, the image of a pocket knife, “Hacks 100 Industrial-Strength Tips and Tools,” and related trade dress are trademarks of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein. Small print: The technologies discussed in this publication, the limitations on these technologies that technology and content owners seek to impose, and the laws actually limiting the use of these technologies are constantly changing.
    [Show full text]
  • Technische Praxis Der Computersysteme Teil 1
    Technische Praxis der Computersysteme Teil 1 Einfuhrung¨ in die Benutzung und Installation eines Linux/Unix-Systems Roland Steinbauer, Martin Piskernig, Andreas Nemeth, Bernhard Lamel Version 1.5, Oktober 2005 Inhaltsverzeichnis 0 Begriffskl¨arung 1 1 Historische Einleitung 4 1.1 Eine kurze Geschichte von Unix . 4 1.2 Freie Software . 8 1.3 Kurze Geschichte von Linux . 10 1.4 Linux-Distributionen . 13 2 Technische Einleitung 20 2.1 Linux-Design . 20 2.2 Multitasking . 22 2.3 Aufbau eines Unix/Linux-Systems . 24 2.4 Hardwareanforderungen, Dualboot . 32 3 Benutzung 1 36 3.1 Allgemeines . 36 3.2 Shell-Grundlagen . 39 3.3 Vom Umgang mit Dateien . 42 3.4 Umleitungen und Pipes . 47 3.5 Links . 52 3.6 Dateiberechtigungen . 52 3.7 Tour durchs Filesystem . 56 4 Dokumentation 62 5 Editoren 66 6 Benutzung 2 79 6.1 Shell-Variablen . 79 6.1.1 Einige Beispiele zum Quoting . 81 6.1.2 Einfache Schleifenkonstruktionen . 83 6.2 Benutzerumgebung . 84 6.3 Prozeßkontrolle . 85 6.4 Weiteres . 91 7 X-Window 98 8 Installation 104 8.1 Vorbereitung und Planung . 104 8.2 Ub¨ erblick ub¨ er die Installation . 107 8.3 Installation eines Linux-Systems . 112 9 Konfiguration 135 9.1 Startup und Shutdown . 135 9.2 Systemdienste . 140 9.3 Softwareinstallation . 144 Vorbemerkungen zu Version 1.5 Version 1.5 dieses Skriptums basiert nach wie vor auf dem bew¨ahrten Originalentwurf von Roland Steinbauer. Es enth¨alt die ersten gr¨osseren Anderungen¨ seit 2003. Ich habe begonnen, Beispiele aus den Folien in den Buchteil des Skriptums zu ub¨ ernehmen; in der Vorlesung werden zum Teil nicht idente, aber entsprechend analoge Beispiele vorgefuhrt.¨ Die Versionsnummer liegt noch immer unter der n¨achsten ganzzahligen Grenze; fur¨ Ver- sion 2.0 plane ich insbesondere auch einen Index, der in dieser Version allerdings noch fehlt.
    [Show full text]
  • Emerlin Repeater Station PC (RPC)
    EMerlin Repeater Station PC (RPC) P. Burgess, Jodrell Bank Observatory 05/Feb/2004 (V1.3) Last Revision: 02/Aug/2005 V1.5e; 25/Sep/2008 v1.5f 1.Introduction. The Repeater PC is a straightforward ‘minimal’ PC for monitoring eMerlin fibre- optic repeater stations. It is intended normally to be accessed by dial-up modem. A local keyboard and display is provided. The unit operates under the Linux operating system. This document provides sufficient information to rebuild a system from scratch, although normally it will be provided set up. 2. Design Requirements: • Support Linux and dial-up modem, plus additional serial ports. • Provide simple on-site display and keyboard • Low cost and maintenance • Sustainable upgrade path to hardware changes These requirements may be met by a simple combination of off-the-shelf motherboard, CPU and memory components. Although very small single-board PCs are available, space is not at a premium, so a commercial 4Ux19in. rack mount case has been chosen. This case includes a keyboard and VGA (640x480) colour display. The additional cost of this hardware (most of the cost of the complete unit in fact) is justified by convenience and robustness. Jodrell VLBI has experience with Asus motherboards and AMD CPUs and finds them well-supported. We have attempted to select devices with known Linux compatibility. Choice of Modem: In particular there is a problem using internal modems under Linux. Most internal cards are now so-called ‘Winmodems’, i.e. they have minimal (or no) controller hardware, and requires Windows to replace it. There are a small number of devices which do have internal hardware, usually known as ‘Linmodems’,which have drivers, or may be configured, for Linux.
    [Show full text]
  • Debian GNU/Linux Since 1995
    Michael Meskes The Best Linux Distribution credativ 2017 www.credativ.com Michael • Free Software since 1993 • Linux since 1994 Meskes • Debian GNU/Linux since 1995 • PostgreSQL since 1998 credativ 2017 www.credativ.com Michael Meskes credativ 2017 www.credativ.com Michael • 1992 – 1996 Ph.D. • 1996 – 1998 Project Manager Meskes • 1998 – 2000 Branch Manager • Since 2000 President credativ 2017 www.credativ.com • Over 60 employees on staff FOSS • Europe, North America, Asia Specialists • Open Source Software Support and Services • Support: break/fix, advanced administration, Complete monitoring Stack • Consulting: selection, migration, implementation, Supported integration, upgrade, performance, high availability, virtualization All Major • Development: enhancement, bug-fix, integration, Open Source backport, packaging Projects ● Operating, Hosting, Training credativ 2017 www.credativ.com The Beginning © Venusianer@German Wikipedia credativ 2017 www.credativ.com The Beginning 2nd Try ©Gisle Hannemyr ©linuxmag.com credativ 2017 www.credativ.com Nothing is stronger than an idea whose Going time has come. Back On résiste à l'invasion des armées; on ne résiste pas à l'invasion des idées. In One withstands the invasion of armies; one does not withstand the invasion of ideas. Victor Hugo Time credativ 2017 www.credativ.com The Beginning ©Ilya Schurov Fellow Linuxers, This is just to announce the imminent completion of a brand-new Linux release, which I’m calling the Debian 3rd Try Linux Release. [. ] Ian A Murdock, 16/08/1993 comp.os.linux.development credativ 2017 www.credativ.com 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 Libranet Omoikane (Arma) Quantian GNU/Linux Distribution Timeline DSL-N Version 12.10-w/Android Damn Small Linux Hikarunix Damn Vulnerable Linux A.
    [Show full text]
  • Debian Une Distribution, Un Projet, Des Contributeurs
    https://people.debian.org/~taffit/talks/2018/ Debian Une distribution, un projet, des contributeurs David Prévot <[email protected]> Mercredi 27 mars 2018 — Lycée Aorai Quelques dates ● Fondée par Ian Murdock (16 août 1993) ● Debian 1.1 Buzz (17 juin 1996) ● Principes du logiciel libre selon Debian (DFSG) (5 juillet 1997) ● Première DebConf à Bordeaux (5 juillet 2000) https://www.debian.org/doc/manuals/project-history/ This hostname is going in dozens of remote config files. Changing a kid’s name is comparatively easy! https://xkcd.com/910/ Quelques chiffres ● Plus de 50 000 paquets binaires ● Installateur disponible en 75 langues ● 10 architectures (amd64, i386, armel, armhf…) ● Des centaines de distributions dérivées (Tails, Ubuntu, etc.) ● Des milliers de contributeurs https://www.debian.org/News/2017/20170617 Répartition des développeurs https://www.debian.org/devel/developers.loc Distributions majeures et dérivées ● Une poignées de distributions Linux à la base : Debian, Red Hat Enterprise Linux, Slackware, Gentoo, Arch Linux, Android, etc. ● De nombreuses distributions sont dérivées des précédentes : Tails, Ubuntu ou Raspbian par exemple pour Debian 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 Libranet Omoikane (Arma) Quantian GNU/Linux Distributions Timeline Damn Small Linux Version 17.10 Damn Vulnerable Linux KnoppMyth © Andreas Lundqvist, Donjan Rodic, Mohammed A. Mustafa Danix © Konimex, Fabio Loli and contributors https://github.com/FabioLolix/linuxtimeline
    [Show full text]