DOCSLIB.ORG

A Hypervisor Based Security Testbed

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

A Hypervisor Based Security Testbed Dan Duchamp and Greg DeAngelis Computer Science Department Stevens Institute of Technology Hoboken, NJ 07030 USA [email protected], [email protected] ABSTRACT system (IDS) on a real world network that is small and We are developing an experimental testbed intended to help highly vulnerable, such as a honeypot [13] or a DMZ. support security research. The testbed allows a network of Conventional approaches to intrusion detection are unmodified hosts, running any of several of unmodified op- either host-based or network-based. A host-based IDS erating systems, to execute in a controlled and reproducible monitors computing activity on a host and raises an manner. The network is implemented on a hypervisor that is alarm when suspicious activity is observed. One weak- instrumented to observe and control security-relevant events. ness of a host-based IDS is that it places the IDS in These events are securely logged to a relational database for the same domain of execution as the vulnerable ma- later analysis. chine, exposing the IDS to whatever happens when the machine is compromised. Another weakness is that in- 1. INTRODUCTION trusion detection logic is applied to only a single host. To protect an entire installation using host-based IDS We are developing an experimental testbed intended software, each host must run the IDS and anomalous ac- to help support security research. The testbed allows tivity must be detectable on a per-host basis. Attacks a network of unmodified hosts to be subjected to se- that manifest across several hosts may not be detected curity attacks in a controlled, observable, and repro- by a host-based IDS approach. In contrast, a network ducible manner using hypervisor technology. IDS sniffs packets, reconstructs “flows” from the con- The two most notable characteristics of our testbed stituent packets, then applies intrusion detection logic are the use of a virtual machine monitor (VMM, aka to each flow. One weakness of a network-based IDS hypervisor) as a tool for gathering information over an is that flow reconstruction can be very difficult, espe- entire heterogeneous LAN, and a highly generalized in- cially if—as is often the case—an attack intentionally frastructure for the description, measurement, and anal- includes nonsense packets specifically intended to con- ysis of experiments. fuse or trick the recipient. A classic example of an at- Unmodified guest host software (operating system tack containing nonsense packets is when two TCP seg- and applications) runs on an instrumented virtual ma- ments contain overlapping data; e.g., one segment con- chine monitor. The VMM provides a powerful tool tains bytes numbered 100-300, while the next segment for observing and controlling the behavior of the guest contains bytes numbered 200-400. It is implementation- software. Measurement points added to the hypervi- dependent whether TCP will accept bytes 200-300 from sor allow the experimenter to log the occurrence of key the first segment or the second. A network IDS must security-relevant events such as a system call or a buffer first reconstruct the flow that will be seen by the host overflow. When our work is complete, the experimenter under attack, then analyze the flow for anomalies or will be able not only to log but also to control guest host suspicious content. In the case of overlapping TCP behavior via the measurement points; for example, the segments, merely to reconstruct the flow the network- hypervisor could intercept and verify a system call be- based IDS must be aware of the host’s exact TCP state fore allowing it to proceed. and even of the host’s TCP implementation details. The VMM not only emulates x86 hardware, it also Host-based and network-based intrusion detection ap- implements a virtual Ethernet. Emulating both hosts proaches each suffer from their own blind spot. A se- and network on the same hypervisor provides experi- curity testbed facility based on virtual machine (VM) menters with a more complete view of how network- technology need not have a blind spot. based attacks spread. Having a system-wide view permits capture and record- Furthermore, the idea of implementing a LAN and all ing of a timestamped “movie” of activity in all parts of its hosts on a single virtual machine might also prove the system during an attack. Such movies can be an- to be a superior way to deploy an intrusion detection alyzed off-line afterward to discover attack signatures used exclusively to control the physical machines in lim- that could then serve as input to standard IDSs. Movies ited ways such as rebooting them and initializing their could also be stored and replayed later to reproduce an disks. A second “control” network is used exclusively attack on demand. for logging. Events logged by each virtual machine The main components of our testbed are: are transmitted over the control network to a database server (to be described below). 1. Hardware base The third type of network implemented by the switch 2. Infrastructure for experiment description and con- is the “data” network. Guest hosts use only the data figuration network for their traffic. To form networks of guest 3. Support for measurement and logging during exper- hosts, each guest operating system is given a virtual iments network interface. Each virtual network interface is Each component is discussed in its own section below. connected to a software bridge running on the physi- cal machine. The software bridge also connects to its 2. HARDWARE BASE machine’s physical Ethernet adapter for the data net- work. A combination of the settings on the software Our current hardware base is shown in Figure 1. Ex- bridges on each machine and the VLAN settings of the periments run on five real machines, each of which has Catalyst switch allow guest hosts on the same or dif- two dual-core Xeon 5060 (Dempsey) processors with In- ferent physical machines to be grouped arbitrarily into tel Virtualization Technology (IVT) extensions [8, 6] for virtual networks. Traffic for the virtual network passes virtualization and 8GB of RAM. IVT provides VMentry through either one or two hypervisor(s) and therefore and VMexit state transitions that manage where inter- can be monitored.1 rupts and system calls are directed. Certain instruc- Besides the five physical machines that support guest tions must be trapped within a guest host and for- hosts for experiments, two physical machines provide warded to the hypervisor. Access to I/O devices is han- support functions. One machine is used as a database. dled as described below. During experiments, it collects records about security- The virtualization software is KVM [10, 11], a load- relevant events produced by measurement points within able module for Linux versions 2.6.20 and later. KVM KVM and transmitted over the control network. After leverages IVT to implement a virtual machine monitor queueing, these records are stored in a MySQL database. with much less code than traditional hypervisors like The database machine also acts as a disk image server. VMWare [15], Xen [2], etc. KVM expands the tradi- We initialize the disk images of the physical machines tional two modes of a UNIX process (user and system) when a complete physical reset is necessary. to three: user, system, and guest. When guest software The final machine shown in Figure 1 is the control runs in such a 3-state process, I/O instructions execute host. Users connect to this machine to configure the in user mode at the Linux privilege level of the user system in preparation for an experiment, configure and who owns the guest host process. Non-I/O code runs in run experiments, and perform post-experiment analysis guest mode, and system mode is used only to transition of events logged in the database. among modes and for special instructions. The database server and control host are connected Linux/KVM can host any unmodified x86-based op- to only the control and management networks, keep- erating system. Therefore, our testbed supports all op- ing them physically isolated from the dangerous data erating systems of interest to us: Windows, Linux, and network. NetBSD. Support for heterogeneity allows the execution All this hardware is separated from the campus net- of more varied and realistic experiments. work and Internet by a Cisco ASA 5510 firewall. The Because Linux exposes dual dual-core Xeon proces- firewall allows connections between the outside and the sors with hyperthreading enabled as 8 virtual proces- control host so that users can enter the testbed, set up sors, each hypervisor is configured to support 8 guest and run their experiments. hosts by default. So the overall facility supports a min- Experiments running on the data network can also be imum of 40 guest hosts. However, the hypervisors can granted access to the outside when appropriate. Not ev- be configured to support more than 8 guest hosts each, ery experiment will involve dangerous code; the testbed so larger virtual networks are possible. Memory is the can be used for non-security experiments as well as resource most likely to limit the number of virtual hosts for security experiments. The firewall supports 100 that can be supported. Each real machine has 3 Ethernet ports that are all 1 attached to a Cisco Catalyst 3750 switch. The switch Traffic between guest hosts passes through one hypervi- sor if the two guest hosts are running on the same physical implements three types of network. A “management” machine; otherwise, the two guest hosts are running on dif- network connects the 5 real machines to a control server ferent physical machines so their traffic passes through two (to be described below).
Recommended publications
  • Installer Des Logiciels Sous Gnu/Linux

    Installer Des Logiciels Sous Gnu/Linux

    INSTALLER DES LOGICIELS SOUS GNU/LINUX Introduction : Nous allons aborder succintement 5 méthodes d©installation de logiciels sur le système GNU/Linux. L©objectif est de poser les bases pour débuter sous linux. La plupart du temps, lorsqu©on commence à se servir d©une distribution GNU/Linux on se limite à utiliser les logiciels inclus par défaut ; mais rapidement on ne tarde pas à vouloir utiliser d©autres logiciels... 1. Le Binaire Le binaire est un fichier prêt à etre executé par l©ordinateur. Il se présente en général sous la forme d©un fichier compressé qui contient un dossier avec tous les fichiers prêts à l©emploi. L©exemple Firefox : on télécharge sur : http://www.mozilla.com/en-US/firefox/all.html#fr un fichier : firefox-2.0.tar.gz Si on suppose que le paquet a été téléchargé sur le bureau, Il faudra pour l©installer taper dans une fenêtre de terminal, la ligne de commande suivante : tar -xvzf /home/utilisateur/Desktop/firefox-2.0.tar.gz fera la décompression de l©archive. On peux aussi extraire le fichier avec un logiciel de compression-decompression de manière graphique. Pour exécuter le programme, il suffira de lancer la commande : /home/utilisateur/Desktop/firefox/firefox (on peux ensuite créer un lanceur pour avoir un icône sur le bureau pour lanver le programme) 2. Le .DEB Synaptic permet la gestion graphique des paquets logiciels. Dans l©ennvironnement Gnome, il faut aller dans : Système > Administration > gestionnaire de paquets Synaptic. Vous pouvez ajouter d©avantage de logiciels en ajoutant des dépôts dans le fichier : /etc/apt/sources.lists ou en passant par le menu catégories > dépots de synaptic.
  • Universidad De San Carlos De Guatemala Facultad De Ingeniería Escuela De Ingeniería En Ciencias Y Sistemas

    Universidad De San Carlos De Guatemala Facultad De Ingeniería Escuela De Ingeniería En Ciencias Y Sistemas

    Universidad de San Carlos de Guatemala Facultad de Ingeniería Escuela de Ingeniería en Ciencias y Sistemas HERRAMIENTA PARA AUTOMATIZAR LA CREACIÓN DE LIVE CDS PERSONALIZADOS Sergio Arnaldo Méndez Aguilar Asesorado por el Ing. Edgar René Ornelis Hoíl Guatemala, octubre de 2009 UNIVERSIDAD DE SAN CARLOS DE GUATEMALA FACULTAD DE INGENIERÍA HERRAMIENTA PARA AUTOMATIZAR LA CREACIÓN DE LIVE CDS PERSONALIZADOS TRABAJO DE GRADUACIÓN PRESENTADO A JUNTA DIRECTIVA DE LA FACULTAD DE INGENIERÍA POR: SERGIO ARNALDO MÉNDEZ AGUILAR ASESORADO POR EL ING. EDGAR RENÉ ORNELIS HOÍL AL CONFERÍRSELE EL TÍTULO DE INGENIERO EN CIENCIAS Y SISTEMAS GUATEMALA, OCTUBRE DE 2009 UNIVERSIDAD DE SAN CARLOS DE GUATEMALA FACULTAD DE INGENIERÍA NÓMINA DE JUNTA DIRECTIVA DECANO Ing. Murphy Olympo Paiz Recinos VOCAL I Inga. Glenda Patricia García Soria VOCAL II Inga. Alba Maritza Guerrero de López VOCAL III Ing. Miguel Ángel Dávila Calderón VOCAL IV Br. José Milton De León Bran VOCAL V Br. Isaac Sultán Mejía SECRETARIA Inga. Marcia Ivónne Véliz Vargas TRIBUNAL QUE PRACTICÓ EL EXAMEN GENERAL PRIVADO DECANO Ing. Murphy Olympo Paiz Recinos EXAMINADOR Ing. Victor Hugo de León Barrios EXAMINADOR Ing. Juan Alvaro Díaz Ardavín EXAMINADOR Ing. Pedro Pablo Hernández Ramírez SECRETARIA Inga. Marcia Ivónne Véliz Vargas ACTO QUE DEDICO A: Dios en primer lugar, por haberme permitido conocerlo en esta universidad y darme una nueva oportunidad, para empezar a cambiar mi vida en mi actuar y en mi forma de pensar. Mis padres y a mi hermana, que me brindaron todo el apoyo posible de acuerdo a sus capacidades, ya que ellos trabajaron muy duro para poder brindarme la oportunidad de lograr finalizar mis estudios universitarios.
  • Praise for the Official Ubuntu Book

    Praise for the Official Ubuntu Book

    Praise for The Official Ubuntu Book “The Official Ubuntu Book is a great way to get you started with Ubuntu, giving you enough information to be productive without overloading you.” —John Stevenson, DZone Book Reviewer “OUB is one of the best books I’ve seen for beginners.” —Bill Blinn, TechByter Worldwide “This book is the perfect companion for users new to Linux and Ubuntu. It covers the basics in a concise and well-organized manner. General use is covered separately from troubleshooting and error-handling, making the book well-suited both for the beginner as well as the user that needs extended help.” —Thomas Petrucha, Austria Ubuntu User Group “I have recommended this book to several users who I instruct regularly on the use of Ubuntu. All of them have been satisfied with their purchase and have even been able to use it to help them in their journey along the way.” —Chris Crisafulli, Ubuntu LoCo Council, Florida Local Community Team “This text demystifies a very powerful Linux operating system . in just a few weeks of having it, I’ve used it as a quick reference a half dozen times, which saved me the time I would have spent scouring the Ubuntu forums online.” —Darren Frey, Member, Houston Local User Group This page intentionally left blank The Official Ubuntu Book Sixth Edition This page intentionally left blank The Official Ubuntu Book Sixth Edition Benjamin Mako Hill Matthew Helmke Amber Graner Corey Burger With Jonathan Jesse, Kyle Rankin, and Jono Bacon Upper Saddle River, NJ • Boston • Indianapolis • San Francisco New York • Toronto • Montreal • London • Munich • Paris • Madrid Capetown • Sydney • Tokyo • Singapore • Mexico City Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks.
  • Why Won't Johnny Run Linux? Dan Kegel

    Why Won't Johnny Run Linux? Dan Kegel

    Why Won't Johnny Run Linux? Scale 4x 11 Feb 2006 Dan Kegel www.kegel.com Why Won't Johnny Run Linux? Desktop Linux is healthier than ever Distros are more polished than ever OpenOffice 2 works well CDs close'n'play Large migrations (e.g. Munich, IBM) underway 1 in 3 companies use open source on desktop Why Won't Johnny Run Linux? Desktop Linux is healthier than ever Distros are more polished than ever OpenOffice 2 works well CDs close'n'play Large migrations (e.g. Munich, IBM) underway 1 in 3 companies use open source on desktop But ... market share still tiny! Why? Why Won't Johnny Run Linux? Desktop Linux is healthier than ever Distros are more polished than ever OpenOffice 2 works well CDs close'n'play Large migrations (e.g. Munich, IBM) underway 1 in 3 companies use open source on desktop But ... market share still tiny! Why? Problems with Commercial Applications Microsoft Integration Drivers/Codecs Laptops User experience Why Won't Johnny Run Linux? Problems with Commercial Apps Hard to build universal apps Commercial applications hard to manage Key applications missing Why Won't Johnny Run Linux? - Problems with Commercial Applications Hard to build universal apps Compiling an app that can run anywhere is hard Qt3? 4? Gtk1? 2? Fltk? WxWidgets? XUL? glibc-2.2? 2.3.2? 2.3.3? 2.4? gcc-2.95? 3.3? 3.4? 4.0? 4.1? RPM? DEB? TGZ? Klik? Autopackage? Even adding items to system menu is a challenge LSB some relief, but no (or little) sound support yet Why Won't Johnny Run Linux? - Problems with Commercial Applications Commercial Apps hard to manage There is no package format accepted by all distros so commercial apps all tend to use ad-hoc installers Thus: No uniform installer No uniform uninstaller, either No unified updater -> hard to manage, security risk e.g.
  • Noprianto Instalasi Pprogramrogram

    Noprianto Instalasi Pprogramrogram

    UTAMA Noprianto Instalasi PProgramrogram eiring dengan semakin banyaknya Linux digunakan, teknologi Syang memudahkan instalasi program di Linux ddii LLinuxinux pun bertambah. Kita akan membahasnya di tulisan ini. Suatu sistem yang solid adalah impian contoh, di sistem berbasis RPM, kita me- sendiri-sendiri. Selain karena alasan tidak semua pengguna komputer. Baik pengguna ngenal program yang dipaketkan sebagai ingin adanya redundansi yang tidak diper- komputer di server besar sampai perangkat fi le dengan ekstensi rpm yang dapat diin- lukan, juga karena kemungkinan terjadinya genggam. Permasalahannya adalah sistem stal. Atau, di sistem berbasis DPKG, kita inkompatibilitas versi pustaka. operasi yang telah terinstal tidak dapat mengenal program yang dipaketkan sebagai Oleh karena itu, sebuah paket barangkali memenuhi kebutuhan semua pengguna. fi le dengan ekstensi .deb. Dan masih banyak akan membutuhkan paket lainnya. Dan, pa- Baik saat pertama penggunaan ataupun di lagi. ket tersebut juga mungkin dibutuhkan oleh waktu yang akan datang. Oleh karena itu, Khususnya di Linux, masalah instalasi paket lainnya. Beberapa package manage- sistem operasi modern mengizinkan insta- program menjadi sangat istimewa karena ment modern sudah mengatasi masalah lasi aplikasi tambahan, baik yang berjalan adanya keinginan untuk mengumpulkan dependency ini, namun sempat menjadi isu sepenuhnya di user space ataupun yang me- semua pustaka di satu atau beberapa tem- yang sangat rumit di beberapa waktu yang nyentuh kernel space. pat yang disepakati bersama. Demikian lalu ataupun di beberapa sistem saat ini. Instalasi program dapat dilakukan juga dengan lokasi executable program. Di Kebutuhan akan versi pustaka yang ber- dengan berbagai cara. Di sistem operasi Linux, kita tidak disarankan untuk menggu- beda-beda juga bisa menjadi masalah besar.
  • SMART Notebook 10 Software for Linux Computers Installation Guide

    SMART Notebook 10 Software for Linux Computers Installation Guide

    SMART Notebook™ 10 Installation and Administration Guide Linux® Operating Systems Product Registration If you register your SMART product, we’ll notify you of new features and software upgrades. Register online at www.smarttech.com/registration. Keep the following information available in case you need to contact SMART Technical Support. Product Key: ___________________________________________________ Date of Purchase: ___________________________________________________ Trademark Notice The SMART logo, smarttech, SMART Board, SMART Notebook, SMART Podium and all SMART Taclines are trademarks or registered trademarks of SMART Technologies ULC in the U.S. and/or other countries. Linux is a registered trademark of Linus Torvalds. Debian is a registered trademark of Software in the Public Interest, Inc. Red Hat, Fedora, and RPM are trademarks or registered trademarks of Red Hat, Inc. All other third-party product and company names may be trademarks of their respective owners. Copyright Notice © 2011 SMART Technologies ULC. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system or translated into any language in any form by any means without the prior written consent of SMART Technologies ULC. Information in this manual is subject to change without notice and does not represent a commitment on the part of SMART. Patent No. US6320597; US6326954; US6741267; US7151533; US7499033; US7757001; and CA2252302. Other patents pending. 02/2011 Contents 1 Installing SMART Notebook 10 for
  • Descargar: Zenwalk Linux 6.2 Linux Cuenta Con Una Distribución Basada En Slackware Que Está Destinada Única Y Exclusivamente a Equipos Con Escasos Recursos

    Descargar: Zenwalk Linux 6.2 Linux Cuenta Con Una Distribución Basada En Slackware Que Está Destinada Única Y Exclusivamente a Equipos Con Escasos Recursos

    http://www.tuxinfo.com.ar/ EDITORIAL Este mes podemos decir que es un mes en donde el mundo libre pasó a tener una gran posición entre los usuarios convencionales de dispositivos. ¿Por qué digo dispositivos? Utilizo esa palabra ya que hay un gran avance en terminales móviles en todo el mundo ya que quizás muchas personas en el mundo no tengan una PC propia pero si un teléfono móvil. Y la mayoría de los móviles están utilizando de fondo tecnología libre, llamemos la Symbian, Maemo o Android. Si alguna persona hace algunos años me lo habría contado, la verdad es que no terminaría de creerle. Hay muchas personas dueñas de móviles de media y alta gamma que cuentan con sistemas libres, y si nos fijamos de forma más específica podemos decir que los equipos más codiciados de todo el mundo están empezando a utilizar Android, y dejando de usar Windows Mobile por muchas razones. La misma empresa Nokia está pensando en el 2012 utilizar el sistema operativo Maemo (basado directamente en un kernel Linux) para reemplazar a Symbian y así poder "exprimir" más al hardware. Con lo que cierro diciéndoles que el futuro desde mi punto de vista está en los sistemas abiertos, la venta de servicios, la nube y todo lo relacionado a la libertad. Esperamos sus comentarios, sus propuestas de los temas que desean que incluyamos en los próximos números a nuestra casilla de mail ([email protected]). Saludos a todos y recuerden pasar la Voz!!!. Ariel M. Corgatelli Ariel Corgatelli (director, editor y coordinador) Claudia A.
  • Support and Typical Problems

    Support and Typical Problems

    Hill_ch06.ps 7/18/06 4:32 PM Page 183 CHAPTER 6 Support and Typical Problems Your System Applications 6 Multimedia Networking Hardware System Administration Other Summary 183 Hill_ch06.ps 7/18/06 4:32 PM Page 184 DESPITE THE FACT that the Ubuntu developers work tirelessly to make the Ubuntu user experience as fluid and problem-free as possible, there are always going to be bugs, glitches, and errors in software. This is nothing unique to Ubuntu; it is a characteristic that is applied to all software. Any- thing created by humans is subject to error. One of the many benefits of the Open Source development process is that errors and bugs are typically reported, found, and fixed in a far shorter time frame than is the case with proprietary software. This ensures that the software included with Ubuntu is far more solid and stable than some pro- prietary alternatives. Although bugs are typically fixed quickly, there is still the case of user error. Even if a piece of software is completely bug-free, it can be used incorrectly, be misconfigured, or otherwise not work as expected. This is perfectly normal, and the aim of this chapter is to discuss some of the most common problems faced by users and explore how to fix or otherwise resolve these issues. This chapter is presented in a cookbook format, presenting each problem followed by a concise solution. If you have read through the other chapters in the book and not found the solution in this chapter, the next option is to try the superb Ubuntu Forums at www.ubuntuforums.org/.
  • Current Capacity Reporter Installation Guide

    Current Capacity Reporter Installation Guide

    CA Current Capacity Reporter Installation Guide Version 1.5 June, 2014 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the “Documentation”) is for your informational purposes only and is subject to change or withdrawal by CA at any time. This Documentation may not be copied, transferred, reproduced, disclosed, modified or duplicated, in whole or in part, without the prior written consent of CA. This Documentation is confidential and proprietary information of CA and may not be disclosed by you or used for any purpose other than as may be permitted in (i) a separate agreement between you and CA governing your use of the CA software to which the Documentation relates; or (ii) a separate confidentiality agreement between you and CA. Notwithstanding the foregoing, if you are a licensed user of the software product(s) addressed in the Documentation, you may print or otherwise make available a reasonable number of copies of the Documentation for internal use by you and your employees in connection with that software, provided that all CA copyright notices and legends are affixed to each reproduced copy. The right to print or otherwise make available copies of the Documentation is limited to the period during which the applicable license for such software remains in full force and effect. Should the license terminate for any reason, it is your responsibility to certify in writing to CA that all copies and partial copies of the Documentation have been returned to CA or destroyed. TO THE EXTENT PERMITTED BY APPLICABLE LAW, CA PROVIDES THIS DOCUMENTATION “AS IS” WITHOUT WARRANTY OF ANY KIND, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT.
  • Windows® Administration at the Command Line for Windows Vista™, Windows® 2003, Windows® XP, and Windows® 2000

    Windows® Administration at the Command Line for Windows Vista™, Windows® 2003, Windows® XP, and Windows® 2000

    46163.book Page iii Monday, February 26, 2007 6:16 PM Windows® Administration at the Command Line for Windows Vista™, Windows® 2003, Windows® XP, and Windows® 2000 John Paul Mueller Wiley Publishing, Inc. 46163.book Page ii Monday, February 26, 2007 6:16 PM 46163.book Page i Monday, February 26, 2007 6:16 PM Windows® Administration at the Command Line 46163.book Page ii Monday, February 26, 2007 6:16 PM 46163.book Page iii Monday, February 26, 2007 6:16 PM Windows® Administration at the Command Line for Windows Vista™, Windows® 2003, Windows® XP, and Windows® 2000 John Paul Mueller Wiley Publishing, Inc. 46163.book Page iv Monday, February 26, 2007 6:16 PM Acquisitions and Development Editor: Thomas Cirtin Technical Editor: Russ Mullen Production Editor: Felicia Robinson Copy Editor: Cheryl Hauser Production Manager: Tim Tate Vice President and Executive Group Publisher: Richard Swadley Vice President and Executive Publisher: Joseph B. Wikert Vice President and Publisher: Neil Edde Book Designers: Maureen Forys, Happenstance Type-O-Rama, Judy Fung Compositor: Craig Woods, Happenstance Type-O-Rama Proofreader: Rachael Gunn Indexer: Nancy Guenther Anniversary Logo Design: Richard Pacifico Cover Designer: Ryan Sneed Copyright © 2007 by Wiley Publishing, Inc., Indianapolis, Indiana Published simultaneously in Canada ISBN: 978-0-470-04616-6 No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per- copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600.
  • Unregisterd Version

    Unregisterd Version

    The Official Ubuntu Book 1 Table of Contents 3 Copyright 6 Foreword 8 Preface 11 Acknowledgments 13 About the Authors 14 Introduction 15 Chapter 1. Introducing Ubuntu 18 A Wild Ride 19 Free Software, Open Source, and GNU/Linux 20 A Brief History of Ubuntu 23 What Is Ubuntu? 27 Ubuntu Promises and Goals 31 Canonical and the Ubuntu Foundation 36 Ubuntu Subprojects, Derivatives, and Spin offs 39 Summary 40 Chapter 2. Installing Ubuntu 41 Choosing Your Ubuntu Version 42 Getting Ubuntu 44 Installing from the Desktop CD 47 Installing Using the Alternate Install CD 56 Post-Installation 64 Summary 66 Chapter 3. Using Ubuntu on the Desktop 67 Taking Your Desktop for a Ride 69 Using Your Applications 78 The Ubuntu File Chooser and Bookmarks 116 Ubuntu in Your Language 118 Customizing Ubuntu's Look and Feel 119 Managing Your Files 121 Ubuntu and Multimedia 127 Summary 133 Chapter 4. Advanced Usage and Managing Ubuntu 134 Adding and Removing Programs and Packages 135 Keeping Your Computer Updated 143 Moving to the Next Ubuntu Release 147 Using and Abusing Devices and Media 148 Configuring a Printer in Ubuntu 151 Graphically Access Remote Files 158 The Terminal 160 Working with Windows 165 Summary 167 Chapter 5. The Ubuntu Server 168 What Is Ubuntu Server? 169 Installing Ubuntu Server 171 Ubuntu Package Management 179 Ubuntu Server Security 188 Summary 193 Chapter 6. Support and Typical Problems 194 Your System 196 Applications 210 Multimedia 215 Networking 221 Hardware 226 System Administration 237 Other 249 Summary 255 Chapter 7. Using Kubuntu 256 Introduction to Kubuntu 257 Installing Kubuntu 262 Customizing Kubuntu 269 Systems Administration 273 Managing Files with Kubuntu 289 Common Applications 297 Finding Help and Giving Back to the Community 315 Summary 317 Chapter 8.
  • Windows Package Manager (Winget)

    Windows Package Manager (Winget)

    Windows Package Manager (WinGet) Introduction Microsoft a mis en place un nouveau package pour l’installation de programme en ligne de commande (CMD ou PowerShell). Et suite aux nouvelles politiques de Mircrosoft le logiciel est disponible sur github. Attention, Windows Package Manager est en développement donc à vos risques et périls Installation Pour utiliser cette nouvelle fonctionnalité qui est encore en preview (actuellement en version v0.1.41331 Preview), il faut installer la dernière version disponible sur : github Microsoft Store Microsoft a déjà publié en français une documentation sur cette fonctionnalité : Gestionnaire de package Windows winget dans la pratique winget [<command>] [<options>] Commande Description search Rechercher une application install Installer une application show Affiche les informations d'une ou plusieurs applications source Permet de gérer les sources d'application hash Génère le hachage SHA256 pour le programme d’installation Valide un fichier manifeste pour l’envoi dans le dépôt du validate Gestionnaire de package Windows winget search winget search [[-q] <query>] [<options>] Commande Description -q,--query Requête utilisée pour rechercher une application --id Filtrer les résultats par identifiant --name Filtrer les résultats par nom --moniker Filtrer les résultats par nom d’application --tag Filtrer les résultats par mot-clé --command Filtrer les résultats par commande -s,--source Rechercher une application à l’aide de la source indiquée -n,--count Ne pas afficher plus de résultats que le nombre spécifié