DOCSLIB.ORG

Introduction to Network Security Limited Warranty and Disclaimer of Liability

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Introduction to Network Security Limited Warranty and Disclaimer of Liability INTRODUCTION TO NETWORK SECURITY LIMITED WARRANTY AND DISCLAIMER OF LIABILITY THE CD-ROM THAT ACCOMPANIES THE BOOK MAY BE USED ON A SINGLE PC ONLY. THE LICENSE DOES NOT PERMIT THE USE ON A NETWORK (OF ANY KIND). YOU FURTHER AGREE THAT THIS LICENSE GRANTS PERMISSION TO USE THE PRODUCTS CONTAINED HEREIN, BUT DOES NOT GIVE YOU RIGHT OF OWNERSHIP TO ANY OF THE CONTENT OR PRODUCT CONTAINED ON THIS CD-ROM. USE OF THIRD-PARTY SOFTWARE CONTAINED ON THIS CD-ROM IS LIMITED TO AND SUBJECT TO LICENSING TERMS FOR THE RESPECTIVE PRODUCTS. CHARLES RIVER MEDIA, INC. (“CRM”) AND/OR ANYONE WHO HAS BEEN INVOLVED IN THE WRITING, CREATION, OR PRODUCTION OF THE ACCOMPA- NYING CODE (“THE SOFTWARE”) OR THE THIRD-PARTY PRODUCTS CON- TAINED ON THE CD-ROM OR TEXTUAL MATERIAL IN THE BOOK, CANNOT AND DO NOT WARRANT THE PERFORMANCE OR RESULTS THAT MAY BE OBTAINED BY USING THE SOFTWARE OR CONTENTS OF THE BOOK. THE AUTHOR AND PUBLISHER HAVE USED THEIR BEST EFFORTS TO ENSURE THE ACCURACY AND FUNCTIONALITY OF THE TEXTUAL MATERIAL AND PROGRAMS CONTAINED HEREIN. WE, HOWEVER, MAKE NO WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, REGARDING THE PERFORMANCE OF THESE PROGRAMS OR CON- TENTS. THE SOFTWARE IS SOLD “AS IS” WITHOUT WARRANTY (EXCEPT FOR DEFECTIVE MATERIALS USED IN MANUFACTURING THE DISK OR DUE TO FAULTY WORKMANSHIP). THE AUTHOR, THE PUBLISHER, DEVELOPERS OF THIRD-PARTY SOFTWARE, AND ANYONE INVOLVED IN THE PRODUCTION AND MANUFACTURING OF THIS WORK SHALL NOT BE LIABLE FOR DAMAGES OF ANY KIND ARISING OUT OF THE USE OF (OR THE INABILITY TO USE) THE PROGRAMS, SOURCE CODE, OR TEXTUAL MATERIAL CONTAINED IN THIS PUBLICATION. THIS INCLUDES, BUT IS NOT LIMITED TO, LOSS OF REVENUE OR PROFIT, OR OTHER INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OF THE PRODUCT. THE SOLE REMEDY IN THE EVENT OF A CLAIM OF ANY KIND IS EXPRESSLY LIMITED TO REPLACEMENT OF THE BOOK AND/OR CD-ROM, AND ONLY AT THE DISCRETION OF CRM. THE USE OF “IMPLIED WARRANTY” AND CERTAIN “EXCLUSIONS” VARIES FROM STATE TO STATE, AND MAY NOT APPLY TO THE PURCHASER OF THIS PRODUCT. INTRODUCTION TO NETWORK SECURITY NEAL KRAWETZ CHARLES RIVER MEDIA Boston, Massachusetts Copyright 2007 Career & Professional Group, a division of Thomson Learning Inc. Published by Charles River Media, an imprint of Thomson Learning, Inc. All rights reserved. No part of this publication may be reproduced in any way, stored in a retrieval system of any type, or transmitted by any means or media, electronic or mechanical, including, but not limited to, photocopy, recording, or scanning, without prior permission in writing from the publisher. Cover Design: Tyler Creative CHARLES RIVER MEDIA 25 Thomson Place Boston, Massachusetts 02210 617-757-7900 617-757-7969 (FAX) [email protected] www.charlesriver.com This book is printed on acid-free paper. Neal Krawetz. Introduction to Network Security. ISBN: 1-58450-464-1 eISBN: 1-58450-643-1 All brand names and product names mentioned in this book are trademarks or service marks of their respective companies. Any omission or misuse (of any kind) of service marks or trademarks should not be regarded as intent to infringe on the property of others. The publisher recognizes and respects all marks used by companies, manufacturers, and developers as a means to distinguish their products. Library of Congress Cataloging-in-Publication Data Krawetz, Neal. Introduction to network security / Neal Krawetz. -- 1st ed. p. cm. Includes bibliographical references and index. ISBN 1-58450-464-1 (pbk. with cd : alk. paper) 1. Computer networks--Security measures--Textbooks. 2. Computer network protocols--Textbooks. I. Title. TK5105.59.K73 2007 005.8--dc22 2006012902 Printed in the United States of America 06 7 6 5 4 3 2 CHARLES RIVER MEDIA titles are available for site license or bulk purchase by institutions, user groups, corporations, etc. For additional information, please contact the Special Sales Department at 800-347-7707. Requests for replacement of a defective CD-ROM must be accompanied by the original disc, your mailing address, telephone number, date of purchase and purchase price. Please state the nature of the problem, and send the information to CHARLES RIVER MEDIA, 25 Thomson Place, Boston, Massachusetts 02210. CRM’s sole obligation to the purchaser is to replace the disc, based on defective materials or faulty workmanship, but not on the operation or functionality of the product. Contents Acknowledgments xxvii Part I: Overview 1 1 Security 3 1.1 Importance 3 1.1.1 Terminology 4 1.1.2 Types of Security Issues 5 1.1.3 What Is Secure? 6 1.1.4 Compromise Response 6 1.2 Threat Models 8 1.2.1 Internal versus External 8 1.2.2 Intentional versus Accidental 12 1.3 Concepts 12 1.3.1 Confidentiality and Privacy 13 1.3.2 Authentication 13 1.3.3 Authorization and Access Control 13 1.3.4 Integrity 13 1.3.5 Nonrepudiation 13 1.4 Common Mitigation Methods 14 1.4.1 Compartmentalize 14 1.4.2 Secure Fail 14 1.4.3 Defense-in-Depth 15 1.4.4 Security-by-Obscurity 15 1.4.5 Security and Usability 16 1.5 People and Staff 17 1.5.1 Education 17 1.5.2 Experience 18 1.5.3 Track Record 19 1.6 Certifications 19 1.6.1 CISSP and SSCP 21 1.6.2 GIAC 22 1.6.3 CISA and CISM 23 1.6.4 Security+ 23 1.6.5 Certification Weaknesses 23 Summary 26 v vi Contents Review Questions 26 Discussion Topics 26 Additional Resources 27 2 Ethics 29 2.1 Ethical Training 30 2.1.1 Discipline 30 2.1.2 Access and Power 31 2.1.3 Apprenticeship and Experimentation 32 2.1.4 Professions 32 2.2 Ethical, Social, and Legal Considerations 33 2.2.1 Moral Example: Home Computing 35 2.2.2 Moral Example: Michael Lynn versus Cisco 35 2.2.3 Moral Framework 36 2.3 Intellectual Property 36 2.3.1 Copyright 37 2.3.2 Fair Use 38 2.3.3 Trademark 39 2.3.4 Patents 39 2.3.5 Impact on Network Security 39 2.4 Computer Crimes 40 2.4.1 Motive and Intent 40 2.4.2 Libel and Defamation 41 2.4.3 Forgery and Impersonation 41 2.4.4 Handling Evidence 42 2.4.5 Expectation of Privacy 43 2.4.6 Preparing for the Future 43 Summary 44 Review Questions 45 Discussion Topics 45 Additional Resources 45 3 Network Theory 47 3.1 Standards Bodies 48 3.1.1 Standards 49 3.1.2 RFC 50 3.2 Network Stacks 51 3.2.1 Network Stack Design 51 3.2.2 ISO OSI 53 3.2.3 DoD TCP/IP Stack 56 3.2.4 OSI versus TCP/IP 57 3.2.5 Other Stacks 58 3.2.6 User Layers 59 Contents vii 3.3 Multiple Stacks 59 3.3.1 Sequential Stacks 59 3.3.2 Stacks Within Stacks 59 3.3.3 VPN 60 3.4 Layers and Protocols 62 3.4.1 Mapping Protocols to Layers 62 3.4.2 Misaligned Mappings 62 3.4.3 Different Layers, Different Views 63 3.5 Common Tools 64 3.5.1 Querying Tools 64 3.5.2 Collection Tools 65 3.5.3 Assessment Tools 65 3.5.4 Analysis Tools 66 Summary 66 Review Questions 66 Discussion Topics 67 Additional Resources 67 4 Basic Cryptography 69 4.1 Securing Information 70 4.2 Necessary Elements 70 4.2.1 Plaintext and Ciphertext 70 4.2.2 Algorithm 70 4.2.3 Environment 71 4.2.4 Key 72 4.2.5 Cracking Cryptographic Systems 72 4.3 Authentication and Keys 73 4.3.1 Key Management Risks 74 4.3.2 Keys and Automated Systems 76 4.3.3 Symmetrical versus Asymmetrical Keys 76 4.3.4 Key Exchange 77 4.3.5 Certificates and Certificate Authorities 78 4.3.6 Kerberos 78 4.4 Cryptography and Randomness 79 4.4.1 Random Numbers 80 4.4.2 Confusion and Diffusion 80 4.4.3 S-Box 81 4.5 Hashes 81 4.5.1 Parity 82 4.5.2 Checksum 82 4.5.3 CRC 82 4.5.4 Cryptographic Hash Functions 85 4.5.5 Sparse Hash Mappings 86 viii Contents 4.5.6 Signed Cryptographic Hashes and HMAC 86 4.6 Ciphers 88 4.6.1 Simple Ciphers 88 4.6.2 Monoalphabetic and Polyalphabetic Ciphers 89 4.6.3 One-Time Pads 89 4.6.4 Book Ciphers 90 4.7 Encryption 90 4.7.1 Streaming and Block Ciphers 91 4.7.2 Block Cipher Modes 91 4.8 Steganography 93 Summary 94 Review Questions 94 Discussion Topics 95 Additional Resources 95 Part II OSI Layer I 97 5 Physical Layer 99 5.1 Types of Physical Mediums 100 5.1.1 Wired Network Protocols 100 5.1.2 Fiber-Optic Networks 101 5.1.3 Trunk Lines 101 5.1.4 Dynamic Networks 102 5.1.5 Wireless 102 5.2 Physical Network Components 103 5.3 Physical Network Risks 104 5.3.1 Eavesdropping 104 5.3.2 Replay 105 5.3.3 Insertion 105 5.3.4 Denial of Service (DoS) 105 5.4 Topologies 106 5.4.1 Bus Networks 107 5.4.2 Star Networks 108 5.4.3 Ring Networks 109 5.4.4 Broadcast Networks 110 5.4.5 Hybrid Networks 111 5.5 Physical Layer Security 111 5.6 Tracking Attacks 112 Summary 113 Review Questions 113 Discussion Topics 114 Additional Resources 114 Contents ix 6 Physical LAN 115 6.1 Physical LAN Regions 115 6.1.1 LAN 116 6.1.2 WAN 116 6.1.3 DMZ 117 6.1.4 MAN 117 6.2 Types of Attacks 117 6.2.1 Disruption 117 6.2.2 Interference 118 6.2.3 Intentional Attacks 118 6.3 Firewalls 118 6.3.1 Software Firewalls 119 6.3.2 Hardware Firewalls 120 6.3.3 Home Users and Firewalls 121 6.4 Privileged Zones 122 6.4.1 DMZ 123 6.4.2 Onion 124 6.4.3 Garlic 124 6.5 LAN Connections 125 6.5.1 Static Connections 125 6.5.2 Dynamic Connections 125 Summary 127 Review Questions 128 Discussion Topics 128 Additional Resources 129 7 Wireless Networking 131 7.1 Wireless Spectrum 131 7.2 Wireless Protocols 133 7.2.1 SSID 133 7.2.2 WEP 133 7.2.3 WEP Cracking 136 7.3 Wireless Risks 137 7.3.1 Packet Sniffing 138 7.3.2 SSID Information 138 7.3.3 Impersonation 139 7.3.4 Parasites 140 7.3.5 Direct Security Breaches 140 7.4 Risk Mitigation Options 140 7.4.1 SSID Labeling 140 7.4.2 Broadcasting SSID 141 7.4.3 Antenna Placement 141 x Contents 7.4.4 MAC Filtering 142 7.4.5 WEP: Better Than Nothing 142 7.4.6 Other Cryptographic Systems 142 7.4.7 Network Architecture 144 Summary 146 Review Questions 146 Discussion Topics 146 Additional
Load more

Recommended publications
  • Release Notes
    AIX Version 4.1 Release Notes FXRNA/IS2 Second Edition (July 1997) This edition of Release Notes applies to AIX 4.1 and to all subsequent releases of this product until otherwise indicated in new releases or technical newsletters. THIS MANUAL IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. The laws of some states and countries do not allow the disclaimer of express or implied warranties in certain transactions; therefore, this statement may not apply to you. As such, the above warranty disclaimer shall only apply to the extent permitted by law. While reasonable efforts have been made to assure the accuracy of this document, Motorola, Inc. assumes no liability resulting from any omissions in this document, or from the use of the information obtained therein. It is not warranted that the contents of this publication or the accompanying source code examples, whether individually or as one or more groups, will meet your requirements or that the publication or the accompanying source code examples are error-free. This publication could include technical inaccuracies or typographical errors. Motorola reserves the right to revise this document and to make changes from time to time in the content hereof without obligation of Motorola to notify any person of such revision or changes It is possible that this publication may contain references to, or information about Motorola products (machines and programs), programming or services that are not announced or released in your country or region.
    [Show full text]
  • Understanding the Usage, Impact, and Adoption of Non-OSI Approved Licenses
    Understanding the Usage, Impact, and Adoption of Non-OSI Approved Licenses Rômulo Meloca1, Gustavo Pinto2, Leonardo Baiser1, Marco Mattos1, Ivanilton Polato1, Igor Scaliante Wiese1, Daniel M German3 1Federal University of Technology – Paraná (UTFPR), 2University of Pará (UFPA), 3University of Victoria ABSTRACT 1 INTRODUCTION The software license is one of the most important non-executable The software licenses are one of the most important non-executable pieces of any software system. However, due to its non-technical part of any software system [5]. Particularly relevant to open- nature, developers often misuse or misunderstand software licenses. source software (OSS), open-source licenses not only drive how Although previous studies reported problems related to licenses one can use an OSS but also ensure to what extent others can reuse clashes and inconsistencies, in this paper we shed the light on it [19]. Similarly to software code, software licenses change [27] an important but yet overlooked issue: the use of non-approved and evolve [25]. Software relicensing is, indeed, commonplace in open-source licenses. Such licenses claim to be open-source, but open-source software world [7]. As an example, Facebook recently have not been formally approved by the Open Source Initiative relicensed four key open-source softwares from BSD + Patents to (OSI). When a developer releases a software under a non-approved MIT license1. According to them, this change was motivated by license, even if the interest is to make it open-source, the original an unhappy community looking for alternatives under permissive author might not be granting the rights required by those who licenses.
    [Show full text]
  • Edelivery Reference Card for Cisco Step-By-Step Procedures Partners and Distributors to Become Familiar with the Edelivery Application
    eDelivery Reference Card For Cisco Step-by-Step Procedures Partners and Distributors To Become Familiar with the eDelivery Application Table of Contents eDelivery Definitions Order-Based Access (OBA) Email Notifications Product Authorization Keys (PAKs) Registration Welcome to eDelivery Software Download Policy 5 On the Download Cart page, accept the EULA by clicking “Accept.” The software download policy governs the number of times any software image on an order can be The Cisco® eDelivery application is a process to 6 Now choose between “Download download software and software license downloaded. When the software has been downloaded, please keep a backup copy of the Manager” (DLM) – Cisco recommended, or entitlement documentation. The purpose of this software. “Non Java SW Download” (https). reference card is to help Cisco partners and Note: The non-Java download method may distributors become familiar with the capabilities of result in slower download speeds, no eDelivery. The customer must accept the End User License Agreement (EULA) in order to be able to download. download verification, and timeout issues in which your session may time out prior to Helpful Hints Additional copies are subject to the following terms: successful download. System access is via Internet Explorer 7 or -The software may be downloaded for the first time later, Firefox 10 or later, and Chrome 22 or at any time after the order is made available within 7 Follow the instructions on the screen. later. eDelivery. To become an authorized user of the Added Downloads/Locked SW eDelivery system, provide information within -Up to 90 days after the order is first made available 1 Locate the order on the “Manage Orders” the Profile Manager on Cisco.com.
    [Show full text]
  • VLC-User-Guide.Pdf
    VLC user guide Henri Fallon Alexis de Lattre Johan Bilien Anil Daoud Mathieu Gautier Clément Stenac Copyright © 2002, 2003 the VideoLAN project This document is the complete user guide of VLC . Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation ; with no Invariant Sections, with no Front−Cover Texts, and with no Back−Cover Texts. The text of the license can be found in the appendix GNU Free Documentation License. VLC user guide Table of Contents Chapter 1. Introduction......................................................................................................................................1 1.1. What is the VideoLAN project ?......................................................................................................1 1.1.1. Overview.................................................................................................................................1 1.1.2. VideoLAN software................................................................................................................2 1.2. What is a codec ?..............................................................................................................................3 1.3. How can I use VideoLAN ?..............................................................................................................3 1.3.1. Documentation........................................................................................................................3
    [Show full text]
  • Software License Review Checklist
    Software License Review Checklist Is Nealy damask or peacocky after foursquare Huntington structured so onshore? Is Roger always novercal and sloppier when wanna some butt very downwind and sunnily? Schmalziest Larry institute some thalers and parochialise his Saar so endlong! Copyright in sprint board is dressed up a review checklist to Software Licensing Agreement Checklist University of. A Checklist for Negotiating License Agreements. Getting their software license for improved virtual machine can i made? Can software licensing agreements be renegotiated Social Media Risk Management How dull do your hurry and its employees understand. The business complains if a custom review takes too when having legal counsel because every contract is well feasible or a duration or cost perspective conducting. Who owns source code? Circumstances one inmate the key things to check is pry the relevant restrictions in the Model Exclusive. License agreements technology interface and software purchases Does you agreement. Source licenses will wine be compiled into checklists and perhaps review whatever the. IT Budget Checklist Data power Hardware & Support. Pick add open-source audit software software which vary not read you back any license and. Auditors and get Use an SAP software license audit to gross your S4HANA. Structuring prices of profitability ii of software license review checklist is the national sales and others are steps in an internal file for? Or a disposal checklist Recommendation E OIT should. As corn for constellation software licenses is already software vendors are focusing more on licensing audits to recover some of that similar income. Vendor Risk for CTRM Systems Audit and Audit-Assist Checklist.
    [Show full text]
  • Guru Jambheshwar University of Science & Technology
    A Project report On OPEN SOURCE SOFTWARE SUBMITTED TO: SUBMITTED BY: MR. VINOD GOYAL SAHIL (Lecturer) 09013088 Deptt. of CSE CSE3RDYEAR GURU JAMBHESHWAR UNIVERSITY OF SCIENCE & TECHNOLOGY,HISSAR CONTENTS:- INTRODUCTION What is open source software? What is free software ? What is source code ? Misunderstanding of open source. Some open source softwares. VLC MEDIA PLAYER History Features Format support Installation on various OS Playing audio and videos in vlc Troubleshooting in vlc Uninstalling vlc Hotkeys in vlc FAQ’S on vlc References. INTRODUCTION In the last few years the Open Source movement has changed the face of computing more than almost anyone would have thought possible. Many people in the computer industry believe that these changes are the most important changes in computing since IBM contracted Microsoft to write an operating system for their personal computers. This article is intended to discuss the history, philosophy, and legal issues relating to Open Source. What is Open Source? Open Source or open-source software is different from proprietary software. In Open Source, the source code used in the software is available to anyone to examine, evaluate, and adapt. Open source has had an important impact on the way many developers view and create software. End users often use the term open-source to cover a variety of free and open source software. The Open Source Initiative has this for a definition of open-source software: Open source doesn't just mean access to the source code. The distribution terms of open-source software must comply with the following criteria: 1. Free Redistribution The license shall not restrict any party from selling or giving away the software as a component of an aggregate software distribution containing programs from several different sources.
    [Show full text]
  • VLC Media Player Introduction
    VideoLAN VLC media player introduction Rémi Denis-Courmont (Реми Дёни-Курмон) Saint Petersburg, Russia 3rd November 2018 24/10/18 1 Disclaimer The views expressed therein are solely those of the author in private capacity. They do not represent the views of the any third party that the author may be affiliated with, including, but not limited to employer or client. 24/10/18 2 About me ● 2003: Joined VideoLAN (student at École Centrale Paris) ● 2006: Volunteer (graduation) ● 2007: Nokia Linux phones ● Today - System software engineer NVIDIA mobile division Largest committer in VLC history ! 24/10/18 3 École Centrale Paris VIA Centrale Network ● 1989: TokenRing deployment – IBM ● 1996: Ethernet upgrade – Video streaming set as new goal – 3Com ● 2002: Gigabit upgrade – Proper multicast support (IPTV!) – ExtremeNetworks 24/10/18 5 VideoLAN (in 2004) 24/10/18 6 VideoLAN history ● 1996: Started as university project ● 1998: Version control switch-over ● 2000: Open-source licensing ● 2008: Independent foundation 24/10/18 7 VideoLAN 700+ Volunteers VLC The foundation ● Main developers and contributors ● Revenues: donations only – No direct income from advertising ● Costs – VideoLAN Developers' Days – Traveling – Infrastructure – Legal – Hardware 24/10/18 9 VideoLAN Devs Days ● Open-source multimedia projects – FFmpeg/libav – x264 – KDE multimedia – VLC media player – DVBlast – Open Broadcast Encoder – … 24/10/18 10 Multiple projects ● VLC media player ● DVBlast, Multicat ● VLMA streaming server manager ● VLC Skin designer ● VLMC video editor
    [Show full text]
  • 最美麗真的女人最美麗」這一詞想起來真久遠,是我 17 年前在廣告公司任 「認 職所策劃的廣告。為台新銀行在 1995 年 6 月首度發行「玫瑰卡」, 企圖塑造出玫瑰卡的產品價值,引起 20~35 歲、現代、都會、有自信女性的認 同,並自許成為最懂得女性的產品所做的定位包裝。
    編者的話 認真的女人 最美麗真的女人最美麗」這一詞想起來真久遠,是我 17 年前在廣告公司任 「認 職所策劃的廣告。為台新銀行在 1995 年 6 月首度發行「玫瑰卡」, 企圖塑造出玫瑰卡的產品價值,引起 20~35 歲、現代、都會、有自信女性的認 同,並自許成為最懂得女性的產品所做的定位包裝。 「認真的女人最美麗」榮獲 1997 年廣告流行語金句獎銀獎 ... 榮獲 VISA 國際組織「1998 卓越成就獎」... 「認真的女人最美麗」榮獲 1998 年廣告流行語金句獎銅獎 ... 哇 ! google 一查起來洋洋灑灑,但那些資料卻是被我封存好久了,猶記得千 里迢迢到天山農場去拍廣告片,花朵美麗種花的人辛苦,女主角樸實無華。其 實認真的女人最希望的是美麗被看見,美麗被欣賞。這次感謝我美麗又認真的 女同事們辛勤的工作更奉獻了美麗,要請各位看倌多多給予掌聲鼓勵!我們這 些男人們美其名在外打拼,但喝酒是工作嗎 ? 呵呵 ! 出一張嘴辛苦都是在公司 裡的女同事們,懺悔之餘當然要獻上嘴甜的一句「認真的女人最美麗」。 但最近又有個反向語「認真你就輸了!」本來是引為有些 事可以不用太計較,卻千萬別成了工作態度啊!其實人生不 怕輸,怕的是連輸的機會都沒有。近來我們又代理了新的產品 Citrix,雖並非台灣的首家代理,但建達有機會引進也是我們 有其既有代理不同的資源及整合能力,我們不怕輸、認真更是 我們的信念,所以有了更多的機會。因此我們也投入了更多的 資源,許多新增的生力軍都是資歷經驗完整的認真好手,容後 下期將為大家向大家一一介紹。 在日語中也有個詞叫【入魂:にゅうこん】是指「注入精神」 之意,這讓我想到最近產品的變化,硬體不再是硬體,除了軟 體之外更結合了線上服務進化成服務平台的概念。有了魂才有 了生命,有了服務邊際效應才長久。而這份專刊內容就是魂, 我們各個達人們也在 FB 開了論壇,各位合作夥伴讀者有問題 可以上論壇精神交流喔!好奇求知可是我們 IT 人骨和血裡的 魏新芳 IT 魂。讓建達與您一同掌握新的趨勢、新的變化,那解決方 讀機械,廣告公司經歷 10 年,建達國際 10 案的規劃就可以一次入魂了。 年。負責行銷和共同共應器約專案以及康樂 股長,寫寫小文字是興趣也是工作,努力讓 大家繼續能看下去。 2 封面人物 陳姬杏 Maggie - 採購專員 家好,我叫 Maggie,在建達已任職 10 年,擔任採購 大一職,所接觸的對象為原廠、經銷商、報關行。工作 內容涵蓋原廠每季預估數字、進 / 退貨、庫存控管 ..... 等。 每天都處在與數字搏鬥,因為每季數字是否達標就是我首 要工作重點之一,想當然而責任與壓力是非常重的。擔任這 份工作不緊要反應快還要 EQ 高,但我始終勉勵自己秉持著 《關關難過,關關過》的心態來面對每個難題。 在逆境中成長,相信所學到的,有別於一般順境中不同的 體驗。除了工作,平常假日的休閒放鬆當然是不能少的 ~ 不 管是跑步、騎鐵馬、出外踏青都是不錯的活動。若各位經銷 夥伴們有興趣也請一起加入我們的行列。 最後 ..... 也請別忘了要多多採購建達網路暨雲端產品喔 ~~ 張若梅 Rachel - 採購專員 囉 ! 各位經銷夥伴們大家好,我是 Rachel 於建達網路暨雲計 哈算商品團隊擔任採購已 2 年多,和 Maggie 互為工作上的搭擋, 負責銷售資料匯整、進貨入帳及 POS 資料數字匯整扣帳之工作。 此外,涵蓋對應 FORWA RDER 窗口,處理進口核對確認相關事務。 如有急貨欲確認目前貨況,可先行告知業務,我將會把最新貨況 UPDATE 給業務 ASAP。 這次榮幸擔任建達季刊的封面人物,希望能為黑白的產品價格表 增添一點色彩。大家除了對建達網路暨雲計算產品了解外,也別忘
    [Show full text]
  • Sourcerer's Apprentice and the Study of Code Snippet Migration
    Sourcerer’s Apprentice and the study of code snippet migration Stephen Romansky, Abram Hindle Cheng Chen, Baljeet Malhotra Department of Computing Science, University of Alberta BlackDuck Edmonton, Canada Burnaby, Canada romansky, [email protected] cchen, [email protected] Abstract—On the worldwide web, not only are webpages A common open source license violation is the lack of connected but source code is too. Software development is attribution, most Free/Libre Open Source Software (F/LOSS) becoming more accessible to everyone and the licensing for licenses require that the authors who wrote the code are software remains complicated. We need to know if software licenses are being maintained properly throughout their reuse attributed in documentation, in the source code, or in startup and evolution. This motivated the development of the Sourcerer’s messages. Not attributing the opensource copyright holder Apprentice, a webservice that helps track clone relicensing, violates the opensource license. Thus using the wrong license because software typically employ software licenses to describe or misattributing code can be costly because: how their software may be used and adapted. But most developers do not have the legal expertise to sort out license conflicts. In this • a developer or company can lose the rights to use, reuse, paper we put the Apprentice to work on empirical studies that and distribute source code and software they rely on; demonstrate there is much sharing between StackOverflow code • a developer or company a developer may be required to and Python modules and Python documentation that violates the licensing of the original Python modules and documentation: distribute their proprietary source code unexpectedly, if a software snippets shared through StackOverflow are often being copy-left license was included; relicensed improperly to CC-BY-SA 3.0 without maintaining • or, the developer or company may be sued for copyright the appropriate attribution.
    [Show full text]