DOCSLIB.ORG

Static Security Analysis Based on Input-Related Software Faults

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Static security analysis based on input-related software faults Csaba Nagy Spiros Mancoridis Department of Software Engineering Department of Computer Science University of Szeged Drexel University Szeged, Hungary Philadelphia, USA [email protected] [email protected] Abstract scanning tool is available, it is difficult to locate security faults during a code review: in general, a good code review It is important to focus on security aspects during the can uncover around 50% of the security problems [9]. development cycle to deliver reliable software. However, This paper presents an approach to helping developers locating security faults in complex systems is difficult and locate faults that are related to security by identifying parts there are only a few effective automatic tools available to of the source code that involve user input. The focus is on help developers. In this paper we present an approach to the input-related parts of the source code, since attackers help developers locate vulnerabilities by marking parts of commonly exploit security vulnerabilities by passing mal- the source code that involve user input. We focus on input- formed input data to applications. Mishandling input data related code, since an attacker can usually take advantage can be a source of common security faults in many lan- of vulnerabilities by passing malformed input to the appli- guages that support pointer arithmetic such as C and C++. cation. The main contributions of this work are two metrics Examples of security faults are buffer overflows, format to help locate faults during a code review, and algorithms to string vulnerabilities, and integer overflows [19]. The best locate buffer overflow and format string vulnerabilities in C known and, arguably, the most dangerous security faults are source code. We implemented our approach as a plugin to caused by buffer overflows, which are described in an arti- the Grammatech CodeSurfer tool. We tested and validated cle published in 1996 [1], and appear in the literature as far our technique on open source projects and we found faults back as 1988 [12]. This type of vulnerability is still com- in software that includes Pidgin and cyrus-imapd. mon in software systems and is difficult to locate either au- tomatically or by a manual code review. Recent research has shown that code defects related to buffer overflows are 1. Introduction still frequent in open source projects [10]. The main contributions of this paper are: As IT solutions become more common, the security of • two metrics (input coverage, input distance), which software systems becomes an increasingly important con- can help developers during a code review to locate sideration. Companies are paying close attention to soft- functions that likely contain security faults, ware security, as evidenced by their increased focus on se- curity aspects during the development cycle. For instance, • two algorithms, one published previously [26] and a Microsoft has published its Security Development Lifecycle new algorithm we created, to locate buffer overflow standard, which is a Microsoft-wide initiative and manda- and format string vulnerabilities in C source code, tory policy since 2004 [25]. One important activity of SDL, and many other software development process models, is • a demonstration of the effectiveness of these metrics the use of static code-scanning tools during the implemen- and algorithms as they are applied to open source soft- tation phase [25, 9]. These code-scanning tools perform a ware projects. static analysis of the source code, without executingthe pro- grams built from the code, which is the domain of dynamic Our technique is implemented as a plugin to the analysis. Locating security faults in software is still difficult CodeSurfer product of GrammaTech, Inc. The technique to do even with the help of static analyzers. Moreover, there was validated on open source projects and successfully are only few effective automatic tools available that can help identified several faults in software including in Pidgin and developers locate security faults. Even if an effective code- Cyrus Imapd. The remainderof this paper is organizedas follows: Sec- 3. get a list of dangerous functions using metrics, tion 2 is an overview of our analysis technique. Section 3 describes the metrics and algorithms underlying our tech- 4. perform automatic fault detection to find vulnerabili- nique. The results of applying our technique on security- ties. critical open source projects are presented in Section 4. Sec- tion 5 presents related work. Lastly, the paper concludes 2.1.1. Locate I/O points. Input data can come from many and outlines plans for future work in Section 6. different sources, not only from the standard input. It can come from input character devices, Internet sockets, files 2. Overview in the file system, et cetera. In general, input points are statements used to read input data from an external source by calling a system function to perform an I/O operation. This section presents an overview of the technique em- The input data is often a string that is stored in a buffer that ployed for a static security analysis based on input-related has been allocated on the stack or the heap. faults. 2.1.2. Extract input-related program points. After lo- 2.1. Technique cating the input points in the source code, it is possible to determine how the input data travels from one statement to another statement. This can be done using dataflow analy- sis, a technique for gathering information about the possi- ble set of values calculated at various points in a program. Once we have the path for all input points, we can deter- mine which parts of the source code involve user input by computing the union of these paths. To perform dataflow analysis on C/C++ code we use the CodeSurfer tool of GrammaTech, Inc. 2.1.3. Get the list of dangerous functions. We can obtain a list of functions that warrant an increased scrutiny by de- termining which parts of the source code involve user input. We call the list of such functions dangerous functions. Figure 1. Illustration of input-related security To give developers more information about a dangerous faults. Faults related to user input are marked with function we measure its coverage as the percentage of its “bombs” indicating vulnerabilities. source code statements that are tainted by user input. We also measure the distance in the dataflow graph between the The main idea behind our approach is to focus on the entry point of the function and the origin of the input data input-related parts of the source code, since an attacker can (i.e., the statement where input occurs). These metrics are usually take advantage of a security vulnerability by passing used to rank the functions in order to identify the functions malformed input data to the application. If this data is not that are the most tainted by user input. handled correctly it can cause unexpected behavior while the program is running. The path which the data travels 2.1.4. Automatic fault detection. Automatic fault de- through can be tracked using dataflow analysis [20] to de- tection is performed by our technique to detect security termine the parts of the source code that involve user input. problems in dangerous functions. These fault detections Software faults, can appear anywhere in the source code, are based on algorithms that are applied to the code’s cor- but if a fault is somewhere along the path of input data it responding data dependence graph and can point to buffer can act as a “land mine” of a security vulnerability. (An overflow or format string vulnerabilities. illustration can be seen on Figure 1). The main steps of our approach (Figure 2) are the fol- 2.2. CodeSurfer lowing: Our technique is implemented as a CodeSurfer1 plugin. 1. find locations in the source code where data is read CodeSurfer is a powerful static-analysis tool for C/C++ pro- using a system call of an I/O operation. These calls are grams. This tool was chosen because it is able to cre- marked as input points, ate a wide range of intermediate representations [2] for a 2. get the set of program points involved in user input, 1http://www.grammatech.com Figure 2. The overview of our system. given program including: Abstract Syntax Tree (AST), Call ditional parameters to procedures. Graph, Interprocedural Control-Flow Graph (CFG), Points- A system dependence graph can be used for many pur- to Graph, set of variables used and modified for each func- poses such as code optimization [14], reverse engineering, tion, Control Dependence Graph, and Data Dependence program testing [6], program slicing [18], software quality Graph. The CodeSurfer tool can be extended with plugins assurance [17], and software safety analysis [29]. using its internal scripting language or its C/C++ API. This work employs SDG, and the extracted dataflow in- The most important feature of CodeSurfer, for the pur- formation stored in this representation, to determine the poses of this work, is that, after a whole-program analysis paths on which user-related input travels from its input is performed, CodeSurfer can build a precise system depen- point. dence graph [18] due to its pointer-analysis [3] capability. 3. Technique 2.3. System dependence graph Depending on the the application there are different def- This section describes our technique and presents details initions for program dependence graph (PDG) [18, 14, 22]. about how metrics and algorithms are used to locate buffer overflow and format string vulnerabilities. PDG is a directed graph representation (GP ) of a program (P ), where vertices represent program points (e.g., assign- ment statements, call-sites, variables, control predicates) 3.1.
Recommended publications
  • 'Building' Architects and Use of Open-Source Tools Towards Achievement of Millennium Development Goals

    'Building' Architects and Use of Open-Source Tools Towards Achievement of Millennium Development Goals

    'Building' Architects and Use of Open-source Tools Towards Achievement of Millennium Development Goals. Oku, Onyeibo Chidozie Department of Architecture Faculty of Environmental Sciences Enugu State University of Science and Technology Email: [email protected] ABSTRACT Millennium Development Goals (MDGs) were established by the United Nations to improve the well-being of humans and their habitat. Whether they are the target beneficiaries or amongst the parties administering services for achieving the MDGs, humans must carry out these activities in a physical environment. Hence, the Seventh Goal of the MDG has an indirect and far-reaching relationship with the others because it deals with the sustainable development of the built environment. Architects deliver consultancy services that span the design, documentation and construction supervision of the built environment. This study sought to determine the extent to which these professionals can do this, with respect to the Seventh Millennium Development Goal, using mainly open-source tools. The study draws from literature reviews, end-user feedback or reports, interviews with developers of applicable open-source products, and statistics from a survey, launched in 2011, for capturing how architects use ICT in their businesses. Analysis of popular open-source technologies for the Architecture, Engineering and Construction (AEC) industry show a concentration of resources in favour of the later stages of the Architect's role, rather than the design and contract-drawing stages. Some of the better-implemented tools are either too cryptic for professionals who communicate in graphical terms, or heavily biased towards software engineering practices. The products that promise Building Information Modelling (BIM) capabilities are still at an early developmental stage.
  • Tao-Of-Tmux Documentation 发布 V1.0.2

    Tao-Of-Tmux Documentation 发布 V1.0.2

    tao-of-tmux Documentation 发布 v1.0.2 Tony Narlock 2020 年 04 月 18 日 Contents 1 前言 3 1.1 关于本书 ............................................... 3 1.2 代码等风格说明 ........................................... 4 1.3 本书主要内容 ............................................. 4 1.4 打赏 .................................................. 5 1.5 书籍形式(Formats) ........................................ 5 1.6 勘误说明(Errata){#errata} ................................... 5 1.7 感谢 .................................................. 6 1.8 本书跟新和 tmux 的变动 ...................................... 6 2 tmux 初识 {#thinking-tmux} 7 2.1 terminal 的窗口管理器 ....................................... 8 2.2 多任务处理 .............................................. 9 2.3 在后台运行程序 ........................................... 10 2.4 Powerful combos ........................................... 11 2.5 小节 .................................................. 12 3 Terminal 基础知识(fundamentals){#terminal-fundamentals} 13 3.1 POSIX 标准 ............................................. 13 3.2 Terminal interface .......................................... 14 3.3 Terminal emulators ......................................... 15 3.4 Shell languages {#shell-languages} ................................ 15 3.5 Shell interpreters (Shells) {#shells} ................................ 15 3.6 小节 .................................................. 16 4 开始使用(Practical usage){#practical-usage} 17 4.1 前缀组合快捷键(prefix key ){#prefix-key} ........................... 17 4.2 Session persistence and the server model ............................. 19
  • Informational Internet Relay

    Informational Internet Relay

    Network Working Group C. Kalt Request for Comments: 2813 April 2000 Updates: 1459 Category: Informational Internet Relay Chat: Server Protocol Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract While based on the client-server model, the IRC (Internet Relay Chat) protocol allows servers to connect to each other effectively forming a network. This document defines the protocol used by servers to talk to each other. It was originally a superset of the client protocol but has evolved differently. First formally documented in May 1993 as part of RFC 1459 [IRC], most of the changes brought since then can be found in this document as development was focused on making the protocol scale better. Better scalability has allowed existing world-wide networks to keep growing and reach sizes which defy the old specification. Kalt Informational [Page 1] RFC 2813 Internet Relay Chat: Server Protocol April 2000 Table of Contents 1. Introduction ............................................... 3 2. Global database ............................................ 3 2.1 Servers ................................................ 3 2.2 Clients ................................................ 4 2.2.1 Users ............................................. 4 2.2.2 Services .......................................... 4 2.3 Channels ..............................................
  • Ubuntu Server Guide Ubuntu Server Guide Copyright © 2010 Canonical Ltd

    Ubuntu Server Guide Ubuntu Server Guide Copyright © 2010 Canonical Ltd

    Ubuntu Server Guide Ubuntu Server Guide Copyright © 2010 Canonical Ltd. and members of the Ubuntu Documentation Project3 Abstract Welcome to the Ubuntu Server Guide! It contains information on how to install and configure various server applications on your Ubuntu system to fit your needs. It is a step-by-step, task-oriented guide for configuring and customizing your system. Credits and License This document is maintained by the Ubuntu documentation team (https://wiki.ubuntu.com/DocumentationTeam). For a list of contributors, see the contributors page1 This document is made available under the Creative Commons ShareAlike 2.5 License (CC-BY-SA). You are free to modify, extend, and improve the Ubuntu documentation source code under the terms of this license. All derivative works must be released under this license. This documentation is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE AS DESCRIBED IN THE DISCLAIMER. A copy of the license is available here: Creative Commons ShareAlike License2. 3 https://launchpad.net/~ubuntu-core-doc 1 ../../libs/C/contributors.xml 2 /usr/share/ubuntu-docs/libs/C/ccbysa.xml Table of Contents 1. Introduction ........................................................................................................................... 1 1. Support .......................................................................................................................... 2 2. Installation ............................................................................................................................
  • 15-441: Computer Networks Project 1: Internet Relay Chat (IRC) Server

    15-441: Computer Networks Project 1: Internet Relay Chat (IRC) Server

    15-441: Computer Networks Project 1: Internet Relay Chat (IRC) Server Lead TA: Daegun Won <[email protected]> Assigned: January 21, 2010 Checkpoint 1 due: January 26, 2010 Checkpoint 2 due: February 4, 2010 Final version due: February 16, 2010 1 Introduction The purpose of this project is to give you experience in developing concurrent network applications. You will use the Berkeley Sockets API to write an Internet chat server using a subset of the Internet Relay Chat protocol (IRC)[1]. IRC is a global, distributed, real-time chat system that operates over the Internet. An IRC network consists of a set of interconnected servers. Once users are connected to an IRC server, they can converse with other users connected to any server in the IRC network. IRC provides for group communication, via named channels, as well as personal communication through “private” messages. For more information about IRC, including available client software and public IRC networks, please see The IRC Prelude[2]. If you have not used IRC before, you may want to try it out to get a feel for what it is. For a quick start, log in to an Andrew machine, and run irssi -c irc.freenode.net -n nickname where nickname is the nickname you want to use. Then type /join #networking to join a networking discussion channel. Other channels you might be interested include #gentoo, #redhat, #perl, and #c++. After you have tried out the text mode IRC client, you may want to try out graphical clients such as xchat and chatzilla (part of mozilla).
  • Botnets, Zombies, and Irc Security

    Botnets, Zombies, and Irc Security

    Botnets 1 BOTNETS, ZOMBIES, AND IRC SECURITY Investigating Botnets, Zombies, and IRC Security Seth Thigpen East Carolina University Botnets 2 Abstract The Internet has many aspects that make it ideal for communication and commerce. It makes selling products and services possible without the need for the consumer to set foot outside his door. It allows people from opposite ends of the earth to collaborate on research, product development, and casual conversation. Internet relay chat (IRC) has made it possible for ordinary people to meet and exchange ideas. It also, however, continues to aid in the spread of malicious activity through botnets, zombies, and Trojans. Hackers have used IRC to engage in identity theft, sending spam, and controlling compromised computers. Through the use of carefully engineered scripts and programs, hackers can use IRC as a centralized location to launch DDoS attacks and infect computers with robots to effectively take advantage of unsuspecting targets. Hackers are using zombie armies for their personal gain. One can even purchase these armies via the Internet black market. Thwarting these attacks and promoting security awareness begins with understanding exactly what botnets and zombies are and how to tighten security in IRC clients. Botnets 3 Investigating Botnets, Zombies, and IRC Security Introduction The Internet has become a vast, complex conduit of information exchange. Many different tools exist that enable Internet users to communicate effectively and efficiently. Some of these tools have been developed in such a way that allows hackers with malicious intent to take advantage of other Internet users. Hackers have continued to create tools to aid them in their endeavors.
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb

    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
  • Ubuntu Server Guide Ubuntu Server Guide Copyright © 2016 Contributors to the Document

    Ubuntu Server Guide Ubuntu Server Guide Copyright © 2016 Contributors to the Document

    Ubuntu Server Guide Ubuntu Server Guide Copyright © 2016 Contributors to the document Abstract Welcome to the Ubuntu Server Guide! It contains information on how to install and configure various server applications on your Ubuntu system to fit your needs. It is a step-by-step, task-oriented guide for configuring and customizing your system. Credits and License This document is maintained by the Ubuntu documentation team (https://wiki.ubuntu.com/DocumentationTeam). A list of contributors is below. This document is made available under the Creative Commons ShareAlike 3.0 License (CC-BY-SA). You are free to modify, extend, and improve the Ubuntu documentation source code under the terms of this license. All derivative works must be released under this license. This documentation is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE AS DESCRIBED IN THE DISCLAIMER. A copy of the license is available here: Creative Commons ShareAlike License1. Contributors to this document are: • Members of the Ubuntu Documentation Project2 • Members of the Ubuntu Server Team3 • Contributors to the Community Help Wiki4 • Other contributors can be found in the revision history of the serverguide5 and ubuntu-docs6 bzr branches available on Launchpad. 1 https://creativecommons.org/licenses/by-sa/3.0/ 2 https://launchpad.net/~ubuntu-core-doc 3 https://launchpad.net/~ubuntu-server 4 https://help.ubuntu.com/community/ 5 https://bazaar.launchpad.net/~ubuntu-core-doc/serverguide/trunk/changes 6 https://bazaar.launchpad.net/~ubuntu-core-doc/ubuntu-docs/trunk/changes Table of Contents 1.
  • Open Source Used in Cisco 910 Industrial Router 1.1

    Open Source Used in Cisco 910 Industrial Router 1.1

    Open Source Used In Cisco 910 Industrial Router 1.1 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-67490505 Open Source Used In Cisco 910 Industrial Router 1.1 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-67490505 Contents 1.1 bridge-utils 1.5 1.1.1 Available under license 1.2 busybox 1.20.2 1.2.1 Available under license 1.3 curl 7.32.0 1.3.1 Available under license 1.4 dhcp 4.1-ESV-R8 1.4.1 Available under license 1.5 ebtables v2.0.10-4 1.5.1 Available under license 1.6 eventlog 0.2.12 :1.el6 1.6.1 Available under license 1.7 expat 2.1.0 1.7.1 Available under license 1.8 flex 2.5.37 1.8.1 Available under license 1.9 glib 2.38.2 1.9.1 Available under license 1.10 hostapd 0.7.3 1.10.1 Available under license 1.11 iproute2 3.7.0 1.11.1 Available under license 1.12 ipsec-tools 0.8.0 1.12.1 Available under license 1.13 iptables 1.4.18 1.13.1 Available under license Open Source Used In Cisco 910 Industrial Router 1.1 2 1.14 ipv6calc 0.92.0
  • How to Install and Configure Irssi May 6, 2013How Toirc, Linux

    How to Install and Configure Irssi May 6, 2013How Toirc, Linux

    How to install and configure irssi May 6, 2013How Toirc, linux Email irssi is a command-line IRC client. When properly configured, it can automatically reconnect and re-identify to channels without any user intervention. It is ideal for use within a reliable server shell, where your session is maintained between uses. Step 1 – Install irssi 1 sudo apt-get install irssi Not using aptitude? Download from irssi.org Step 2 – Install a theme I use the Zenbarn theme. Save this theme (or another theme of your preference) in ~/.irssi/ Step 3 – Install scripts I use the following scripts. Scripts are placed in ~/.irssi/scripts/ . ascii.pl – Prints text as ASCII art . autoaway.pl – Controls your away status depending on your activity . email_privmsgs.pl – Emails unread private messages to you . nm.pl – Divides nicknames and channel text into two columns Open any scripts you decide to use with a text editor and read the first few lines. Some scripts require configuration to be used properly. For example, you will need to set your email address to have private messages emailed to you. To start a script automatically, create a symbolic link to it in ~/.irssi/scripts/autorun/ 1 mkdir ~/.irssi/scripts/autorun 2 cd ~/.irssi/scripts/autorun/ 3 ln -s ../ascii.pl ascii.pl 4 ln -s ../autoaway.pl autoaway.pl 5 ln -s ../email_privmsgs.pl email_privmsgs.pl 6 ln -s ../nm.pl nm.pl If you prefer to start your scripts manually, or irssi is already running and you don’t want to restart it, use /script load scriptname.pl Step 4 – Configure irssi The following is my .irssi/config file.
  • Debian Install Ca Certificates

    Debian Install Ca Certificates

    Debian Install Ca Certificates Heathier and petechial Hagen outstruck almost constantly, though Boyd shields his distances moults. Red gallivants her lent yestreen, bombacaceous and expiatory. Which Benjamin renegotiating so effulgently that Axel incommoding her lacquers? Machine like to handle the script your ssl directory you install debian is the certificate stored in the server history and holds a gui and reload the cacert root After these steps, validate that your root certificate has been added by visiting a site using a signed certificate or your root CA. Most of ca cert, use secured connections made it does not include this tutorial is installed ca is not accept your organisation is loaded and install. Cacert root ca creation complete and installed in pem certificate contents that no longer possible that would be on user with getting seemed to have also verify i have. This important table we will then whine the certificate components from that PFX file. Please wait while generating a ca, then you install ssh for installation is installed it seems so you run https server certificate is. There was based distributions. Did you install your CA certificate into the browser as trusted? Please let me know if any additional information needed to proceed further? They were removed, because these CA certificates are no longer under audit. CRLfile: none E: Some index files failed to download. DNS records are correct. Once this was protect, the object trace disappeared. The exception to this is Mozilla software such as the Firefox web browser and Thunderbird email client. Any suggestion would be appreciated.
  • List Software Pengganti Windows Ke Linux

    List Software Pengganti Windows Ke Linux

    Tabel Padanan Aplikasi Windows di Linux Untuk Migrasi Selasa, 18-08-2009 Kesulitan besar dalam melakukan migrasi dari Windows ke Linux adalah mencari software pengganti yang berkesesuaian. Berikut ini adalah tabel padanan aplikasi Windows di Linux yang disusun dalam beberapa kategori. Nama Program Windows Linux 1) Networking. 1) Netscape / Mozilla. 2) Galeon. 3) Konqueror. 4) Opera. [Prop] Internet Explorer, 5) Firefox. Web browser Netscape / Mozilla, Opera 6) Nautilus. [Prop], Firefox, ... 7) Epiphany. 8) Links. (with "-g" key). 9) Dillo. 10) Encompass. 1) Links. 1) Links 2) ELinks. Console web browser 2) Lynx 3) Lynx. 3) Xemacs + w3. 4) w3m. 5) Xemacs + w3. 1) Evolution. 2) Netscape / Mozilla/Thunderbird messenger. 3) Sylpheed / Claws Mail. 4) Kmail. Outlook Express, 5) Gnus. Netscape / Mozilla, 6) Balsa. Thunderbird, The Bat, 7) Bynari Insight GroupWare Suite. Email client Eudora, Becky, Datula, [Prop] Sylpheed / Claws Mail, 8) Arrow. Opera 9) Gnumail. 10) Althea. 11) Liamail. 12) Aethera. 13) MailWarrior. 14) Opera. 1) Evolution. Email client / PIM in MS 2) Bynari Insight GroupWare Suite. Outlook Outlook style [Prop] 3) Aethera. 4) Sylpheed. 5) Claws Mail 1) Sylpheed. 2) Claws Mail Email client in The Bat The Bat 3) Kmail. style 4) Gnus. 5) Balsa. 1) Pine. [NF] 2) Mutt. Mutt [de], Pine, Pegasus, Console email client 3) Gnus. Emacs 4) Elm. 5) Emacs. 1) Knode. 2) Pan. 1) Agent [Prop] 3) NewsReader. 2) Free Agent 4) Netscape / Mozilla Thunderbird. 3) Xnews 5) Opera [Prop] 4) Outlook 6) Sylpheed / Claws Mail. 5) Netscape / Mozilla Console: News reader 6) Opera [Prop] 7) Pine. [NF] 7) Sylpheed / Claws Mail 8) Mutt.