DOCSLIB.ORG

Data Collection on Security Flaws Caused by Design Errors

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Data Collection on Security Flaws Caused by Design Errors Data collection on security flaws caused by design errors Harald Terkelsen Master’s Thesis Master of Science in Information Security 30 ECTS Department of Computer Science and Media Technology Gjøvik University College, 2006 Institutt for informatikk og medieteknikk Høgskolen i Gjøvik Postboks 191 2802 Gjøvik Department of Computer Science and Media Technology Gjøvik University College Box 191 N-2802 Gjøvik Norway Data collection on security flaws caused by design errors Preface After three years of studying in my spare time while working a full time day job, it has not always been easy to find the energy or the time to work on the thesis in the evening after a long day at work first. But the motivation of finishing what I started and getting the master’s degree has kept me going. The time has unfortunately run out, and the thesis is not as complete as I hoped it should be at this time. I would like to thank my employer, Oslo University College (Høgskolen i Oslo), for letting me have days off work to follow the lectures at Gjøvik two days a week, six weeks each semester to pursue the masters degree. I also thank my supervisor Hanno Langweg, who originally proposed the topic, for his feedback on the drafts he reviewed, and also for being patience with my slow progression being a part time student. iii Data collection on security flaws caused by design errors Contents Preface .......................................... iii Contents ......................................... v 1 Introduction ..................................... 1 2 Previous and related work ............................. 5 2.1 Software design ................................. 5 2.1.1 Design principles ............................ 5 2.1.2 Security design patterns ........................ 7 2.2 Taxonomy and classification theory ...................... 7 2.3 Software flaw taxonomies ........................... 8 2.3.1 Security taxonomies .......................... 8 2.3.2 Defect classifications .......................... 16 2.4 The Common Vulnerabilities and Exposure list (CVE) ............ 17 2.5 Common Criteria ................................ 17 3 Software Design and Software Flaws ....................... 19 3.1 Software design ................................. 19 3.2 What is a design flaw? ............................. 22 3.3 Design versus Implementation ......................... 22 3.4 Some common implementation flaws and why they are not design flaws . 23 3.5 Design versus configuration .......................... 25 4 Vulnerability databases ............................... 27 4.1 Databases, Advisories and alerts ........................ 27 4.2 Evaluation and selection of databases ..................... 27 4.2.1 National Vulnerability Database .................... 29 4.2.2 Open Source Vulnerability Database ................. 29 4.3 Method for data collection ........................... 30 5 Developing a design flaw classification scheme ................. 33 5.1 Design elements from existing classifications and related work ....... 33 5.2 Design properties found in vulnerabilities from the databases ....... 34 5.3 The proposed classification .......................... 35 5.3.1 Description ............................... 35 5.3.2 Selection criteria when using the classification ............ 39 5.4 Other possible approaches ........................... 40 6 Applying the classification ............................. 43 6.1 Data source and method ............................ 43 6.2 Experience gained from using the classification ............... 44 6.3 Results from applying the classification .................... 44 7 Discussions ...................................... 47 7.0.1 The need for more details in the vulnerability databases ...... 48 8 Conclusions and future work ........................... 49 Bibliography ....................................... 51 v Data collection on security flaws caused by design errors A Vulnerability databases ............................... 55 B Design flaw vulnerabilities by category ..................... 61 C Vulnerabilities identified as design flaws .................... 65 D Vulnerabilities identified as maybe design flaws ................ 81 E Vulnerabilities identified as not design flaws .................. 91 F Vulnerabilities identified as unknown type ................... 115 G Programs to work with National Vulnerability Database ............ 119 G.1 nvd-parse.py .................................. 119 G.2 nvd-manage.py ................................. 123 vi Data collection on security flaws caused by design errors 1 Introduction Producing secure software is extremely hard to do right. The number of security flaws and vulnerabilities discovered in software each day is increasing at high speed. According to the National Vulnerability Database the number of vulnerabilities discovered in 2005 was 4859, more than twice the number of vulnerabilities discovered the year before. One way to classify vulnerabilities is to classify them after when in the development phase they are introduced, for example[28]: • Design • Implementation • Configuration Other phases like analysis (requirements), testing, or maintenance phase are also sometimes used [40, 34]. This thesis is a study of security related flaws with origin in the design phase. Such flaws are rooted in the design of the software, and exist even if the programmer im- plements the design perfectly making no mistakes in the programming. Security related design flaws are a lot about how security mechanisms like authentication, authorization and encryption are used and implemented, or how error handling is performed. Typical examples of design flaws include weak encryption, missing or insufficient access control. What make design flaws different from other classes of flaws? • They often cost more to fix. • They are not easily detected by testing or static analysis tools as implementation flaws. • Two different implementations of a flawed design will both be vulnerable Implementation flaws can often easily be fixed with small changes to the code, adding an extra check or using a more secure API call. Design flaws, on the other hand, are rooted in the design. Fixing them means making changes to the design. If the design is already implemented, changes to the design often means recoding parts of the code, sometimes changing larger portions of the code. The later in the development phase a design flaw is found, the more it cost to fix it. It can be 6.5 times more expensive to fix a flaw during the implementation phase than during design. And if the flaw is not found before the maintenance phase, it can cost as much as 60-100 times more. [18] Static analysis tools are programs built to detect flaws by automatically examine the source code of other programs. Design flaws are not as easily detected by static analysis methods as implementation flaws are. This means it is harder to create tools to auto- mate the search for design flaws. Several studies conclude that design reviews are more efficient for detecting design flaws than testing[44]. 1 Data collection on security flaws caused by design errors Security functionality are often added to software applications at the end of the de- velopment process when the rest of the functionality is finished, with weak security solu- tions as a result. There have been launched several books, reports and projects lately to increase the awareness and the importance of including security considerations in soft- ware projects from the start and throughout the entire software development process. Most notably is the Build security in1 project by the Strategic Initiatives Branch of the Na- tional Cyber Security Division (NCSD) of the Department of Homeland Security (DHS) in USA. The mission statement on the project’s web page describe the goal as “seeks to reduce software vulnerabilities, minimize exploitation, and address ways to improve the routine development and deployment of trustworthy software products“. The Internet Engineering Task Force (IETF) has also seen the need to focus more on security in their protocols. In RFC 3631 from 2003 they state that all protocols should provide appropri- ate security mechanisms, even if it is believed that the protocol’s domain of application is limited. Taxonomies and classification schemes are tools which can be used to classify and analyze the different vulnerabilities and flaws that can be found in computer software. Over the years many classification schemes for software vulnerabilities have been pro- posed. They take different approaches to classifying vulnerabilities, depending on the researchers goal. Many of them have a special focus on operating system flaws. From a designers view point, an operating system has a more standardized set of functionality needed to be implemented than a software application which can be one of a kind. But many of the classifications that consider application flaws, are based on the same cate- gories as those designed for classifying operating system flaws. This leads us to believe they might not be optimal in classifying design flaws. Collections of discovered vulnerabilities exist in different vulnerability databases. Sev- eral of these databases have a classification scheme they use to indicate the type of vul- nerability when data on the vulnerabilities are presented. Categories for design flaws exist, but only the top-level class ”design flaw“. No sub-categories for different types of design flaws seems to be used. The classification of the vulnerabilities does not seems to be consistent over the different databases. A vulnerability
Load more

Recommended publications
  • Download Here
    Seminar Nasional Sistem Informasi Indonesia, 1 Nopember 2016 SECURE REAL TIME PROTOCOL: SOLUSI ALTERNATIF PENGAMANAN CHATTING 1) Donny Seftyanto 1Sekolah Teknik Elektro dan Informatika, Institut Teknologi Bandung Jatinangor, Sumedang, 45363 Telp : (022) 7798600, Fax: (022) 7798617 1) E-mail : [email protected] Abstrak Off The Record (OTR) merupakan protokol kriptografi yang digunakan untuk menjamin keamanan chatting pada banyak aplikasi, seperti Xabber. Tetapi terdapat kelemahan pada protokol ini, yaitu kegagalan otentikasi, penipuan, dan penyangkalan. Untuk memberikan solusi alternatif dalam pengamanan chatting, maka dirancang protokol bernama Secure Real Time (SRT). SRT terdiri dari tiga tahap, yaitu Trusted Public Key Distribution, Key Exchange with Digital Signature, dan Signed and Encrypted Message Transmission with Key Derivation Function. Tahapan tersebut diterapkan dengan algoritma ECDSA-384, ECDH-384, AES-256, dan SHA-384 pada aplikasi Xabber, sehingga memberikan kekuatan keamanan algoritma yang lebih tinggi dari OTR. Lalu berdasarkan hasil evaluasi yang meliputi uji keamanan komunikasi dan pembandingan performa aplikasi Xabber, diketahui bahwa protokol SRT dapat menjamin kerahasiaan, keutuhan, keotentikan, nir-penyangkalan, dan tahan replay attack terhadap data penting di ketiga tahap SRT. Sedangkan tingkat kecepatan dan kemudahan aplikasi Xabber dengan SRT relatif lebih tinggi dari aplikasi Xabber dengan OTR. Kata kunci: chatting, kriptografi, OTR, SRT. Abstract Off The Record (OTR) is cryptographic protocol that is used to ensure the chatting safety in many applications, like Xabber. But there are weaknesses in this protocol, namely authentication failure, fraud, and repudiation. To provide alternative solution in securing chatting, then designed a protocol called Secure Real Time (SRT). SRT consists of three stages, namely The Trusted Public Key Distribution, Key Exchange with Digital Signature, and Signed and Encrypted Message Transmission with Key Derivation Function.
    [Show full text]
  • (12) United States Patent (10) Patent No.: US 8,387,155 B2 Gregg Et Al
    US008.387155B2 (12) United States Patent (10) Patent No.: US 8,387,155 B2 Gregg et al. (45) Date of Patent: *Feb. 26, 2013 (54) SYSTEM FORMANAGING ACCESS TO (56) References Cited PROTECTED COMPUTER RESOURCES U.S. PATENT DOCUMENTS (75) Inventors: Richard L. Gregg, Elkhorn, NE (US); 4,446,519 A 5/1984 Thomas Sandeep Giri, Omaha, NE (US); (Continued) Timothy C. Goeke, Elkhorn, NE (US) FOREIGN PATENT DOCUMENTS EP O 636963 A2 2, 1995 (73) Assignee: Prism Technologies LLC, Omaha, NE EP 0 762261 A2 9, 1996 (US) (Continued) OTHER PUBLICATIONS (*) Notice: Subject to any disclaimer, the term of this In the Matter of Certain Authentication Systems, Including Software patent is extended or adjusted under 35 and Handheld Electronic Devices; Investigation No. 337-TA-697; U.S.C. 154(b) by 0 days. Verified Complaint Under Section 337 of the Tariff Act of 1930. As Amended; 26 pages; Exhibit 2, 11 pages; Exhibit 3.31 pages; Exhibit This patent is Subject to a terminal dis 4.31 pages; Exhibit 5, 1 page; Exhibit 6;4 pages; Exhibit 7.31 pages; claimer. Exhibit 8, 2 pages; Exhibit 9, 92 pages; Exhibit 10, 4 pages; Exhibit 11, 92 pages; Exhibit 12, 56 pages; Exhibit 13, 17 pages; Exhibit 26, (21) Appl. No.: 12/944,473 2 pages; Exhibit 29, 10 pages; Exhibit 30, 1 page; Exhibit 31, 1 page; Exhibit32, 4 pages; Exhibit 34, 19 pages; Exhibit 35.3 pages; Exhibit 36, 1 page; Exhibit 37; 169 pages; Letter Submiting Verified Com (22) Filed: Nov. 11, 2010 plaint to the International Trade Comission; 2 pages; Letter Request ing Confidential Treatment of Exhibits; 2 pages; Dec.
    [Show full text]
  • Perfeccionamiento De Un Nuevo Simulador Interactivo, Bajo Software
    Perfeccionamiento de un nuevo simulador interactivo, bajo software libre gnu/linux, como desarrollo de una nueva herramienta en la enseñanza y aprendizaje de la física Harley J. Orjuela Ballesteros1, Alejandro Hurtado Márquez1 1Grupo de Investigación Física e Informática Fisinfor, Facultad de Ciencias y Educación, Universidad Distrital Francisco José de Caldas,, Carrera 3 No.26 A - 40, Bogotá, Colombia. E-mail: [email protected], [email protected] (Recibido el 22 de Diciembre de 2009; aceptado el 23 de Enero de 2010) Resumen Con el fin de proponer nuevos mecanismos e instrumentos en la enseñanza de la física este documento pretende divulgar el simulador físico Interactivo STEP, creado bajo ambiente GNU/Linux (código abierto), por el grupo The KDE Education Project (Kde-Edu) y modificado e implementado (bajo la autorización y cooperación de Kde-Edu) por el grupo de investigación colombiano Fisinfor, pues con el fin de lograr comprender y explicar las ciencias físicas se requiere el manejo adecuado de diferentes aspectos como lo son: el lenguaje verbal y matemático, los implementos de laboratorio, aplicación, manejo y desarrollo de nuevas herramientas didácticas como aplicativos, "fislet" (physlet) y software educativo. Palabras clave: Física General, Enseñanza, Software. Abstract With the purpose of proposing new mechanisms and instruments in the teaching of the physics this document it seeks to disclose the Interactive physical pretender STEP, created ambient first floor GNU/Linux (open code), for the group The KDE Education Project (Kde-Edu) and modified and implemented (under the authorization and cooperation of Kde-Edu) for the group of investigate-ción Colombian Fisinfor, because with the purpose of being able to understand and to explain the physical sciences the appropriate handling of different aspects it is required like they are it: the verbal and mathematical language, the laboratory implements, application, handling and development of new didactic tools as application, "fislet" (physlet) and educational software.
    [Show full text]
  • A Brief Review of Speech Synthesis
    Computer Science Computer Networks Piotr Leszczyński Book No. s4207 Remote voice Web browser for people with sight impairment Zdalna głosowa przeglądarka WWW dla osób niewidomych Engineering Thesis Written under the advice of Ph.D. Eng. Przemysław Skurowski Bytom September 2009 Contents 1 Introduction............................................................................... 7 2 A brief review of speech synthesis ................................................ 9 2.1 Human speech synthesis ......................................................... 9 2.2 Text-To-Speech systems overview .......................................... 10 2.2.2 Concatenation Speech Systems ...................................... 11 2.2.3 Articulator Speech Systems ............................................ 11 2.2.4 History ........................................................................ 12 3 Application modeling and implementation .................................... 14 3.1 Application concept ............................................................... 14 3.2 Functional requirements ........................................................ 15 3.3 Non-Functional requirements ................................................. 16 3.4 Feasibility analysis ................................................................ 16 3.5 Technical limitations ............................................................. 17 3.5.1 Accessibility ................................................................. 17 3.5.2 Speech synthesis .........................................................
    [Show full text]
  • O'reilly® Jason Hunter
    rr Help for Server-Side Java Developer, '" Jason Hunter O'REILLY® with William Crawford Page 1 of 94 J ava" Servlet Programming Page 2 of 94 THE JAVA"" SERIES Learning Java m Java'" Performance Tuning Java'" Threads Java'" Internationalization Java'· Network Programming JavaServer Pages" Database Programming with JDBC'Mand Java'" Java m Message Service Java'" Distributed Computing Developing Java Beans'M Java" Security Java" Cryptography Also from O'Reilly Java" Swing Java" Servlet Programming Java'M in a Nutshell Java" I/O J ava" Enterprise in a Nutshell J ava™ 2D Graphics Java'" Foundation Classes in a Nutshell Enterprise Javafleans" Java" Examples in a Nutshell Creating Effective JavaHelp'M JiniTM in a Nutshell Java'" and XML The Enterprise Java" CD Bookshelf Page 3 of 94 -, Javan, Servlet Programming Second Edition Jason Hunter with William Crawford O'REILLY® Beijing. Cambridge. Farnham» Koln » Paris > Sebastopol. Taipei. Tokyo Page 4 of 94 Java Servlet Programming, Second Edition byJason Hunter with William Crawford Copyright © 2001,1998 O'Reilly & Associates, Inc. All rights reserved. Printed in the United States of America. Published by O'Reilly & Associates, Inc., 101 Morris Street, Sebastopol, CA 95472. Editors: Robert Eckstein and Paula Ferguson Production Editor: Colleen Gorman Cover Designer: Hanna Dyer Printing History: October 1998: First Edition. April 2001: Second Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O'Reilly logo are registered trademarks and The Java™ Series is a trademark of O'Reilly & Associates, Inc. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O'Reilly & Associates, Inc.
    [Show full text]
  • Anexaminationofthebenefitsofus
    An Examination 1 Running head: AN EXAMINATION OF THE BENEFITS OF USING OPEN SOURCE An Examination of the Benefits of Using Open Source Software in Schools Charles E. Craig, Jr. Tennessee Tech University July 21, 2011 An Examination 2 Abstract This research is an examination of ways that open source software can bring educational value and significant cost savings to K-12 schools. Existing case studies and other research are examined. Particular attention is given to K-12 schools which have implemented the free and open source Linux operating system to replace Microsoft Windows on older computers, as well as schools which have replaced Microsoft Office with OpenOffice. An Examination 3 Table of Contents Abstract …………………………………………………………………………………………2 List of Tables/Figures ………………………………………………………………………….. 4 Chapter I. Introduction …………………………………………………………………………..5 Chapter II. Methodology ………………………………………………………………………...8 Chapter III. A Comparison and Contrast of Proprietary Software and Open Source Software …9 Chapter IV. Educational Benefits of Open Source Software …………………………………..12 Chapter V. Cost Benefits of Open Source Software ……………………………………….…..29 Chapter VI. Summary, Conclusions, Recommendations …………...………………………….33 References ……………………………………………………………………………………...38 An Examination 4 List of Tables/Figures TABLES: Table 1. A Comparison of RAM and CPU Usage in Various Linux Desktop Environments and Window Managers …………………………………………………………………...….14 FIGURES: Figure 1. The Ubuntu Linux desktop……………………………………………………………13 Figure 2. A screenshot of the LibreOffice Writer word processor running in Linux……………17 Figure 3. A screenshot of the Kalzium periodic table software ..……………………………….18 Figure 4. Kanagram ……………………………………………………………………………..19 Figure 5. KGeography ………………………………………………………………………..…20 Figure 6. The KStars desktop planetarium ………………………………………………..…….21 Figure 7. The TuxMath interactive educational game …………………………………………..22 Figure 8. TuxPaint ……………………………………………………………………………....23 Figure 9. Peppermint OS Two running on an eight year old Dell desktop ……………………..35 Figure 10.
    [Show full text]
  • Establishing Your School's First Computer System
    COMPUTER SYSTEM SUSTAINABILITY TOOLKIT UNIT 3: Establishing Your School’s First Computer System: Planning for Success 3 UNIT 3: ESTABLISHING YOUR SCHOOL’S FIRST COMPUTER SYSTEM: PLANNING FOR SUCCESS Page 3 This unit will help the leadership and staff at schools that do not yet have a computer system or lab make decisions about establishing a new computer system at their school. This unit may also be useful for SPTs at schools that already have computers and are thinking about buying more computer equipment or establishing additional computer labs. If your school already has a computer system and you are not considering expanding it at this time, you may wish to skip Unit 3 and jump to Unit 4. Why do we want to establish a computer effectively, you may want to stop the small system or lab at our school? group discussions and have each group This is an important question for the SPT briefly present the main points and answers to discuss and answer. At first, the answer to the questions its members have discussed. to this question may appear to be simple. Members of the SPT may answer, “Yes, we The questions that follow should help you should establish a computer system at our determine if your school should establish a school.” However, before you jump to this computer system or lab. Before starting the conclusion, it is important for you and the discussion, it would be helpful to present SPT to consider, discuss, and answer a few this list of questions to the SPT and ask if other related questions.
    [Show full text]
  • KINTSUGI Identifying & Addressing Challenges in Embedded Binary
    KINTSUGI Identifying & addressing challenges in embedded binary security jos wetzels Supervisors: Prof. dr. Sandro Etalle Ali Abbasi, MSc. Department of Mathematics and Computer Science Eindhoven University of Technology (TU/e) June 2017 Jos Wetzels: Kintsugi, Identifying & addressing challenges in embed- ded binary security, © June 2017 To my family Kintsugi ("golden joinery"), is the Japanese art of repairing broken pottery with lacquer dusted or mixed with powdered gold, silver, or platinum. As a philosophy, it treats breakage and repair as part of the history of an object, rather than something to disguise. —[254] ABSTRACT Embedded systems are found everywhere from consumer electron- ics to critical infrastructure. And with the growth of the Internet of Things (IoT), these systems are increasingly interconnected. As a re- sult, embedded security is an area of growing concern. Yet a stream of offensive security research, as well as real-world incidents, contin- ues to demonstrate how vulnerable embedded systems actually are. This thesis focuses on binary security, the exploitation and miti- gation of memory corruption vulnerabilities. We look at the state of embedded binary security by means of quantitative and qualitative analysis and identify several gap areas and show embedded binary security to lag behind the general purpose world significantly. We then describe the challenges and limitations faced by embedded exploit mitigations and identify a clear open problem area that war- rants attention: deeply embedded systems. Next, we outline the cri- teria for a deeply embedded exploit mitigation baseline. Finally, as a first step to addressing this problem area, we designed, implemented and evaluated µArmor : an exploit mitigation baseline for deeply em- bedded systems.
    [Show full text]
  • Etude Des Facteurs De Succès Du Projet Open Source Apache HTTP
    Etude des facteurs de succès du projet open source Apache HTTP Dr Ir Robert Viseur * ** * CETIC, Avenue Jean Mermoz, 28, B-6041 Charleroi ** UMONS Faculté Polytechnique, Rue de Houdain, 9, B-7000 Mons [email protected], [email protected] Résumé : Avec Linux, Firefox et OpenOffice.org, le projet Apache HTTP fait partie des success stories populaires dans le domaine open source. Dans cette recherche, nous proposons d’explorer les facteurs de succès qui ont permis au serveur web Apache HTTP de devenir un projet open source mondial et pérenne. Après une étude longitudinale du projet identifiant les facteurs de succès, nous discutons différents apprentissages à l’usage des gestionnaires et développeurs de projets collaboratifs. Mots clés : logiciel libre, open source, serveur web, apache, utilisateur de pointe, world wide web. 1 Study of success factors for the Apache HTTP open source project Dr Ir Robert Viseur * ** * CETIC, Avenue Jean Mermoz, 28, B-6041 Charleroi ** UMONS Faculté Polytechnique, Rue de Houdain, 9, B-7000 Mons [email protected], [email protected] Abstract With Linux, Firefox and OpenOffice.org, Apache HTTP project is one of the popular success stories in the open source sector. In this research, we propose to explore the success factors that enabled Apache HTTP Web server to become a wordlwide and sustainable open source project. After a longitudinal study of the project identifying success factors, we discuss different findings for managers and developers aiming to set up collaborative projects. Keywords free software, open source, web server, apache, lead user, world wide web. 2 Introduction Le serveur web Apache HTTP, avec sa part de marché fréquemment supérieure à 50%, est un des logiciels open source incontournables.
    [Show full text]
  • Děti a Linux
    DĚTI A LINUX. RND R. ŠÁRKA VAVREČKOVÁ , PHD. Ústav informatiky, Filozoficko-přírodovědecká fakulta Slezské univerzity v Opavě, tel. +420 553 684 366, e-mail: [email protected], web: http://fpf.slu.cz/~vav10ui Na počítačích ve většině škol a domácích počítačích využívaných dětmi najdeme většinou Windows. V tomto článku se zamýšlíme nad tím, zda by v některých případech nebylo lepší místo Windows používat Linux. Je všeobecně známo, že po finanční stránce Linux vítězí, ale pořád se objevují argumenty poukazující na složitost Linuxu, nedostatek výukových prog- ramů a her, a také odlišnost od „majoritního“ operačního systému. V textu se budeme zabývat vztahem dětí k Linuxu, volbou vhodné distribuce Linuxu a grafického prostředí, problematikou správy zaměřenou na školství a především nabídkou výuko- vých programů a didaktických her pro tento operační systém. Kľúčové slová : Linux, distribuce, KDE, GNOME, výukový software, didaktická hra, SMART Board Devizou Linuxu vzhledem k dětem je nepřeberné 1. ÚVOD množství programů včetně výukového softwaru V současné době se děti dostávají do kontaktu a her, které se nainstalují už při instalaci operačního s počítačem velmi brzy, ať už doma, u kamaráda systému. Je pravda, že některé z nich nejsou dosud nebo ve škole. Tento fakt nelze moc ovlivňovat, lokalizované do češtiny nebo slovenštiny, nebo sice souvisí s dobou, ve které děti vyrůstají, ano, ale kromě nápovědy, ale v současné době se a s požadavky, které jsou na ně kladeny ve vyšším děti už na prvním stupni základních škol učí anglic- věku. Rodiče a učitelé však mají možnost ovlivnit ky (s problémy se setkáváme spíše u vyučujících alespoň to, k čemu má dítě na počítači přístup.
    [Show full text]
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]
  • Junos® OS Intrusion Detection and Prevention User Guide Copyright © 2021 Juniper Networks, Inc
    Junos® OS Intrusion Detection and Prevention User Guide Published 2021-09-21 ii Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Junos® OS Intrusion Detection and Prevention User Guide Copyright © 2021 Juniper Networks, Inc. All rights reserved. The information in this document is current as of the date on the title page. YEAR 2000 NOTICE Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036. END USER LICENSE AGREEMENT The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement ("EULA") posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you agree to the terms and conditions of that EULA. iii Table of Contents
    [Show full text]