Secure Communication: Is It Possible with SSL and Or SSH?

Total Page:16

File Type:pdf, Size:1020Kb

Secure Communication: Is It Possible with SSL and Or SSH? Secure Communication: Is it possible with SSL and or SSH? Edvard Wikström Supervisor, [email protected] Tina Lindkvist, [email protected] TDDC03 Information Security Project Linköping University May 8, 2004 Abstract 2. Formatting your paper The purpose of this project is to gather information This document will analyze the SSH and SSL about SSL and SSH as tools for security protocols for secure communication. To achieve this, communication and present them in relation to their white papers and information from reliable sources features, usability and vulnerabilities. Short related to this domain have been studied. Descriptions instructions of installation and configuration will be of how the protocols work and their vulnerabilities are presented for both technologies, this will only provide presented in sufficiently detail to understand their the necessary information to get a quick start. The weaknesses. focus is directed towards vulnerabilities and attacks against these utilities. SSL and SSH are both among 3. SSL the most used methods for transporting information securely through networks. The conclusion is that they 3.2 Background offer good security in open networks if proper configuration and updates are applied The SSL protocol is intended to provide a practical, application-layer, widely connection oriented 1. Introduction mechanism for Internet client/server communication security developed by Netscape. To use the SSL Secure communication is essential for exchange of protocol, the host computer, the client, must be sensitive information. For a long time weak protocols equipped with an SSL Certificate. A digital certificate like Telnet, FTP, the old UNIX utilities, rlogin, rsh is an electronic message that verifies that a user and rcp have been used but they do not provide a sending a message is who he or she claims to be, and secure way for the interchange of data. The growth to provide a way to the receiver the means to encode a and broad expansion of the World Wide Web has reply. A digital certificate contains the public key of changed its intended use from the beginning. More the certificate holder and a variety of other and more businesses have established online-shops, identification information. Digital certificates are banks allow their customers to connect to their website issued by a Certificate Authority, such as VeriSign [1], and make transactions instantaneously. This new e- which are trusted third-party sources that have been commerce era is changing the way we purchase authorized by banks, governments and other products and services. In this document I will present institutions to guarantee the identity of the holder of and analyze two methods for the secure interchange of the certificate. information in open networks. The objective with this SSL works by using a public key to encrypt data document is to answer three questions about these that is transferred over the SSL connection. The tools: biggest browsers like Internet Explorer, Netscape, Mozilla and Opera supports it. Currently two versions • How easy are they to use? of SSL are available, 2.0 and 3.0. Many websites use • How secure are they? the protocol to obtain confidential information, such • Do you need to be an expert to use them? as credit card numbers. By convention, URL: s (Uniform Resource Locator) that requires an SSL encrypted SSL connection is protected with a connection starts with https:// instead of the normal mechanism for detecting tampering, whether data http://. Today, SSL has become the de facto standard has been altered in transit. for cryptographic protection of Web http traffic. The picture below shows where the SSL layer is Improvements and development to the protocol is placed in relation to the other layers in the protocol made by the IETF TLS (Transport Layer Security) stack. workgroup. Its is defined by RFC 2246. 3.2 Features and functionality The SSL protocol runs above TCP/IP and below high-level application protocols such as HTTP or IMAP. It uses TCP/IP on behalf of the higher-level protocols, and allows an SSL-enabled server to authenticate itself to an SSL enabled client, at the same time the client authenticates itself to the server and allows both machines to establish an encrypted connection. SSL client authentication allows a server to confirm the user’s identity using the same techniques as those used for the server. There are a great number of SSL implementations; here is a list of the most common companies and The fundamental steps for the SSL protocol are the organizations providing SSL implementations: following: • SSL server authentication – allows a user to • Cisco confirm a server’s identity. The SSL enabled client • Sun software can use standard techniques of public key • IBM cryptography to check that a server’s certificate • SSL.com and public ID are valid and have been issued by a • OpenSSL – open source. certificate authority (CA) which is listed in the client’s list of trusted CA: s. This confirmation is OpenSSL is an open source variant widely used in important if the user sends the credit card number both the open source community and in the to the server. It also allows the client and server to commercial world due to its attractive license. select the cryptographic algorithms or ciphers supported by both parts. The SSL protocol consists of two sub-protocols, the SSL record protocol and the SSL handshake protocol. • SSL client authentication allows a server to The record part defines the format used to transmit confirm the user’s identity. Using the same data, the handshake part involves using the SSL techniques as those used for server authentication, record protocol to exchange a series of messages SSL enabled server software can check that a between an SSL enabled server and an SSL enabled client’s certificate and public ID are valid and have client at the establishment of a connection. The been issued by a certificate authority (CA), listed exchange of messages is designed to facilitate in the server’s list of trusted CA: s. This the following actions: confirmation is important if the server sends confidential financial information to a customer. More specifically, the record layer provides confidentiality, authenticity and replay protection over • An encrypted SSL connection requires all a connection-oriented reliable transport protocol such information sent between a client and a server to as TCP. The handshake layer which takes care of the be encrypted by the sending software and key-exchange which initializes and synchronized decrypted by the receiving software, thus providing cryptographic state at the two endpoints of a high degree of confidentiality. Confidentiality is communication. important for both parties to any private transaction. In addition, all data sent over an Both SSL 2.0 and 3.0 protocols support The nice thing about SSL is that its use is almost overlapping sets of ciphers suites. These can be transparent to the user. Having a SSL capable browser enabled or disabled by an administrator. When a client or e-mail client it’s all that is needed, which today and server exchange information during the SSL applications supports by default. When connecting for handshake, they identify the strongest enabled cipher the first time to a server requiring SSL, it will first ask suit they have in common for the SSL session. you to download a certificate so you can verify your identity from then on. This is normally done by These ciphers below are used to authenticate the entering some credentials validating the user. If this client and server, transmit certificates and establish verification step is approved the server sends to the session keys. client a certificate. The user simply needs to check that the certificate comes from the claimed source by • DES - Data Encryption Standard, an encryption inspecting the information presented. If the source is algorithm used by the U.S Government. trusted, accepting the certificate is all that is required. • DSA - Digital Signature Algorithm, part of the Further visits to the server will not ask for the digital authentication standard used by the U.S certificate again, the browser will automatically take Government. care of it. The user needs to be aware of the padlock icon in the bottom corner of the browser which • KEA - Key Exchange Algorithm, used for key indicates that a secure connection with SSL is taking exchange by the U. S Government. place. • MD5. Message - Digest algorithm developed by Recently, the simplicity of SSL has caused a vast Rivest. amount of new VPN (Virtual Private Network) products to use SSL as the communication protocol • RC2 and RC4 - Rivest encryption ciphers instead of the IPSec (IP Security) protocol. With IPSec developed for RSA Data Security special software is normally needed at the client and server side, careful and detailed configuration makes it • RSA - A public key-algorithm for both an inappropriate solution compared to SSL based encryption and authentication. Developed by VPN: s. Rivest, Shamir and Adleman 3.5 Vulnerabilities • RSA key exchange - A key-exchange algorithm for SSL based on RSA. SSL is not invulnerable. It has shown a vast number of flaws during the years. I will only name the • SHA-1- Secure Hash Algorithm, a hash function most serious ones implicating different used by the U.S Government. implementations of the SSL protocol. A paper from • SKIPJACK- A classified symmetric-key the security expert Bruce Schneier and David Wagner algorithm used by the U.S Government. [2] gives an analysis of the cryptographic strength of the SSL 3.0 protocol. A number of flaws in the • Triple-DES – DES applied three times. protocol are presented, but his conclusion is that it is a good improvement compared to the SSL 2.0 version. As we will see, other vulnerabilities were found and 3.3 Installation and Configuration exploited.
Recommended publications
  • Mining of Massive Datasets
    Mining of Massive Datasets Anand Rajaraman Kosmix, Inc. Jeffrey D. Ullman Stanford Univ. Copyright c 2010, 2011 Anand Rajaraman and Jeffrey D. Ullman ii Preface This book evolved from material developed over several years by Anand Raja- raman and Jeff Ullman for a one-quarter course at Stanford. The course CS345A, titled “Web Mining,” was designed as an advanced graduate course, although it has become accessible and interesting to advanced undergraduates. What the Book Is About At the highest level of description, this book is about data mining. However, it focuses on data mining of very large amounts of data, that is, data so large it does not fit in main memory. Because of the emphasis on size, many of our examples are about the Web or data derived from the Web. Further, the book takes an algorithmic point of view: data mining is about applying algorithms to data, rather than using data to “train” a machine-learning engine of some sort. The principal topics covered are: 1. Distributed file systems and map-reduce as a tool for creating parallel algorithms that succeed on very large amounts of data. 2. Similarity search, including the key techniques of minhashing and locality- sensitive hashing. 3. Data-stream processing and specialized algorithms for dealing with data that arrives so fast it must be processed immediately or lost. 4. The technology of search engines, including Google’s PageRank, link-spam detection, and the hubs-and-authorities approach. 5. Frequent-itemset mining, including association rules, market-baskets, the A-Priori Algorithm and its improvements. 6.
    [Show full text]
  • Linux Administrators Security Guide LASG - 0.1.1
    Linux Administrators Security Guide LASG - 0.1.1 By Kurt Seifried ([email protected]) copyright 1999, All rights reserved. Available at: https://www.seifried.org/lasg/. This document is free for most non commercial uses, the license follows the table of contents, please read it if you have any concerns. If you have any questions email [email protected]. A mailing list is available, send an email to [email protected], with "subscribe lasg-announce" in the body (no quotes) and you will be automatically added. 1 Table of contents License Preface Forward by the author Contributing What this guide is and isn't How to determine what to secure and how to secure it Safe installation of Linux Choosing your install media It ain't over 'til... General concepts, server verses workstations, etc Physical / Boot security Physical access The computer BIOS LILO The Linux kernel Upgrading and compiling the kernel Kernel versions Administrative tools Access Telnet SSH LSH REXEC NSH Slush SSL Telnet Fsh secsh Local YaST sudo Super Remote Webmin Linuxconf COAS 2 System Files /etc/passwd /etc/shadow /etc/groups /etc/gshadow /etc/login.defs /etc/shells /etc/securetty Log files and other forms of monitoring General log security sysklogd / klogd secure-syslog next generation syslog Log monitoring logcheck colorlogs WOTS swatch Kernel logging auditd Shell logging bash Shadow passwords Cracking passwords John the ripper Crack Saltine cracker VCU PAM Software Management RPM dpkg tarballs / tgz Checking file integrity RPM dpkg PGP MD5 Automatic
    [Show full text]
  • Iclab: a Global, Longitudinal Internet Censorship Measurement Platform
    ICLab: A Global, Longitudinal Internet Censorship Measurement Platform Arian Akhavan Niaki∗y Shinyoung Cho∗yz Zachary Weinberg∗x Nguyen Phong Hoangz Abbas Razaghpanahz Nicolas Christinx Phillipa Gilly yUniversity of Massachusetts, Amherst zStony Brook University xCarnegie Mellon University {arian, shicho, phillipa}@cs.umass.edu {shicho, nghoang, arazaghpanah}@cs.stonybrook.edu {zackw, nicolasc}@cmu.edu Abstract—Researchers have studied Internet censorship for remains elusive. We highlight three key challenges that must nearly as long as attempts to censor contents have taken place. be addressed to make progress in this space: Most studies have however been limited to a short period of time and/or a few countries; the few exceptions have traded off detail Challenge 1: Access to Vantage Points. With few ex- for breadth of coverage. Collecting enough data for a compre- ceptions,1 measuring Internet censorship requires access to hensive, global, longitudinal perspective remains challenging. “vantage point” hosts within the region of interest. In this work, we present ICLab, an Internet measurement The simplest way to obtain vantage points is to recruit platform specialized for censorship research. It achieves a new balance between breadth of coverage and detail of measurements, volunteers [37], [43], [73], [80]. Volunteers can run software by using commercial VPNs as vantage points distributed around that performs arbitrary network measurements from each the world. ICLab has been operated continuously since late vantage point, but recruiting more than a few volunteers per 2016. It can currently detect DNS manipulation and TCP packet country and retaining them for long periods is difficult. Further, injection, and overt “block pages” however they are delivered.
    [Show full text]
  • Introduction to Linux and Using CSC Environment Efficiently
    Introduction to Linux and Using CSC Environment Efficiently Introduction UNIX A slow-pace course for absolute UNIX beginners February 10th, 2014 Lecturers (in alphabetical order): Tomasz Malkiewicz Atte Sillanpää Thomas Zwinger Program 09:45 – 10:00 Morning coffee + registration 10:00 – 10:15 Introduction to the course (whereabouts, etc.) 10:15 – 10:45 What is UNIX/Linux: history and basic concepts (multi-user, multi-tasking, multi-processor) 10:45 – 11:15 Linux on my own computer: native installation, dual-boot, virtual appliances 11:15 – 11:45 A first glimpse of the shell: simple navigation, listing, creating/removing files and directories 11:45 – 12:45 lunch 12:45 – 13:00 Text editors: vi and emacs 13:00 – 13:45 File permissions: concepts of users and groups, changing permissions/groups 13:45 – 14:15 Job management: scripts and executables, suspending/killing jobs, monitoring, foreground/background 14:15 – 14:30 coffee break 14:30 – 15:00 Setup of your system: environment variables, aliases, rc-files 15:00 – 15:30 A second look at the shell: finding files and contents, remote operations, text-utils, changing shells 15:30 – 17:00 Troubleshooter: Interactive session to deal with open questions and specific problems Program All topics are presented with interactive demonstrations Additionally, exercises to each of the sections will be provided The Troubleshooter section is meant for personal interaction and is (with a time- limit to 17:00) kept in an open end style Practicalities Keep the name tag visible Lunch is served in the same building.
    [Show full text]
  • CEH: Certified Ethical Hacker Course Content
    CEH: Certified Ethical Hacker Course ID #: 1275-100-ZZ-W Hours: 35 Course Content Course Description: The Certified Ethical Hacker (CEH) program is the core of the most desired information security training system any information security professional will ever want to be in. The CEH, is the first part of a 3 part EC-Council Information Security Track which helps you master hacking technologies. You will become a hacker, but an ethical one! As the security mindset in any organization must not be limited to the silos of a certain vendor, technologies or pieces of equipment. This course was designed to provide you with the tools and techniques used by hackers and information security professionals alike to break into an organization. As we put it, “To beat a hacker, you need to think like a hacker”. This course will immerse you into the Hacker Mindset so that you will be able to defend against future attacks. It puts you in the driver’s seat of a hands-on environment with a systematic ethical hacking process. Here, you will be exposed to an entirely different way of achieving optimal information security posture in their organization; by hacking it! You will scan, test, hack and secure your own systems. You will be thought the Five Phases of Ethical Hacking and thought how you can approach your target and succeed at breaking in every time! The ve phases include Reconnaissance, Gaining Access, Enumeration, Maintaining Access, and covering your tracks. The tools and techniques in each of these five phases are provided in detail in an encyclopedic approach to help you identify when an attack has been used against your own targets.
    [Show full text]
  • Analysis and Evaluation of Email Security
    Al-Azhar University – Gaza Deanship of Postgraduate Studies Faculty of Engineering & Information Technology Master of Computing and Information System Analysis and Evaluation of Email Security Prepared by Mohammed Ahmed Maher Mahmoud Al-Nakhal Supervised by Dr. Ihab Salah Al-Dein Zaqout A Thesis submitted in partial fulfillment of the requirements for the degree of Master of Computing and Information Systems 2018 جامعةةةةةةةةةة ةةةةةةةةةة – غةةةةةةةةةة عمةةةةةةةةةاا لعل اةةةةةةةةةا لع ةةةةةةةةةا ك هلنعا وتكنولوج ا ملع وما ماجسةةةاحل بواةةةم وعلةةةت ملع ومةةةا حتليل وتقييم أمن الربيد اﻹلكرتوني إعداد الباحث حممد أمحد ماهر حممود النخال إشراف الدكتور/ إيهاب صﻻح الدين زقوت قدمت هذه الرسالة استكماﻻً لمتطلبات الحصول على درجة الماجستير في الحوسبة ونظم المعلومات من كلية الهندسة وتكنولوجيا المعلومات – جامعة اﻷزهر – غزة 2018 قَالُوا سُبْحَانَكَ لَا عِلْمَ لَنَا إِلَّا مَا عَلَّمْتَنَا إِنَّكَ أَنْتَ الْعَلِيمُ الْحَكِيمُ صدق اهلل العظيم سورة البقرة ) آية 32( i Dedication To my parents who take my hands and walk me among the ports of life, what is clear in their paths. Thanks to them and hope from Almighty Allah to keep them for me and extend in their age ... To my loving, forgiving and supportive wife who created the atmosphere for me to complete this work. To my brother Mahmoud and sisters Dema and Dania …... To the martyrs of Palestine who fought for the sake of Almighty Allah. ii Acknowledgment The prophet Mohammad (Peace Be Upon Him) says, “He who does not thank people, does not thank Allah “. Completing and issuing such dissertation would not have been possible without the help and support of the people who ably guided this dissertation through the whole process.
    [Show full text]
  • Fbi Fbi Flash
    TLP: GREEN FBI FLASH FBI FBI Liaison Alert System #M-000045-TT The following information was obtained through FBI investigation and is provided in conjunction with the FBI’s statutory requirement to conduct victim notification as outlined in 42 USC § 10607. In furtherance of public-private partnerships, the FBI routinely advises private industry of various cyber threat indicators observed during the course of our investigations. This data is provided in order to help cyber security professionals and systems administrators to guard against the persistent malicious actions of cyber criminals. This product is released at TLP: GREEN. The information in this product is useful for the awareness of all participating organizations as well as with peers within the broader community or sector. Recipients may share this information with peers and partner organizations within their sector or community, but not via publicly accessible channels. SUMMARY The FBI is providing the following information with HIGH confidence: A group of cyber actors utilizing infrastructure located in Iran have been conducting computer network exploitation activity against public and private U.S. organizations, including Cleared Defense Contractors (CDCs), academic institutions, and energy sector companies. The actors typically utilize common computer intrusion techniques such as the use of TOR, open source reconnaissance, exploitation via SQL injection and web shells, and open source tools for further network penetration and persistence. Internet-facing infrastructures, such as web servers, are typical targets for this group. Once the actors penetrate a victim network, the actors exfiltrate network design information and legitimate user credentials for the victim network. Often times, the actors are able to harvest administrative user credentials and use the credentials to move laterally through a network.
    [Show full text]
  • Latexsample-Thesis
    INTEGRAL ESTIMATION IN QUANTUM PHYSICS by Jane Doe A dissertation submitted to the faculty of The University of Utah in partial fulfillment of the requirements for the degree of Doctor of Philosophy Department of Mathematics The University of Utah May 2016 Copyright c Jane Doe 2016 All Rights Reserved The University of Utah Graduate School STATEMENT OF DISSERTATION APPROVAL The dissertation of Jane Doe has been approved by the following supervisory committee members: Cornelius L´anczos , Chair(s) 17 Feb 2016 Date Approved Hans Bethe , Member 17 Feb 2016 Date Approved Niels Bohr , Member 17 Feb 2016 Date Approved Max Born , Member 17 Feb 2016 Date Approved Paul A. M. Dirac , Member 17 Feb 2016 Date Approved by Petrus Marcus Aurelius Featherstone-Hough , Chair/Dean of the Department/College/School of Mathematics and by Alice B. Toklas , Dean of The Graduate School. ABSTRACT Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah.
    [Show full text]
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]
  • Analysis and Processing of Cryptographic Protocols
    Analysis and Processing of Cryptographic Protocols Submitted in partial fulfilment of the requirements of the degree of Bachelor of Science (Honours) of Rhodes University Bradley Cowie Grahamstown, South Africa November 2009 Abstract The field of Information Security and the sub-field of Cryptographic Protocols are both vast and continually evolving fields. The use of cryptographic protocols as a means to provide security to web servers and services at the transport layer, by providing both en- cryption and authentication to data transfer, has become increasingly popular. However, it is noted that it is rather difficult to perform legitimate analysis, intrusion detection and debugging on data that has passed through a cryptographic protocol as it is encrypted. The aim of this thesis is to design a framework, named Project Bellerophon, that is capa- ble of decrypting traffic that has been encrypted by an arbitrary cryptographic protocol. Once the plain-text has been retrieved further analysis may take place. To aid in this an in depth investigation of the TLS protocol was undertaken. This pro- duced a detailed document considering the message structures and the related fields con- tained within these messages which are involved in the TLS handshake process. Detailed examples explaining the processes that are involved in obtaining and generating the var- ious cryptographic components were explored. A systems design was proposed, considering the role of each of the components required in order to produce an accurate decryption of traffic encrypted by a cryptographic protocol. Investigations into the accuracy and the efficiency of Project Bellerophon to decrypt specific test data were conducted.
    [Show full text]
  • Linux Administrators Security Guide LASG - 0.1.0
    Linux Administrators Security Guide LASG - 0.1.0 By Kurt Seifried ([email protected]) copyright 1999, All rights reserved. Available at: https://www.seifried.org/lasg/ This document is free for most non commercial uses, the license follows the table of contents, please read it if you have any concerns. If you have any questions email [email protected]. If you want to receive announcements of new versions of the LASG please send a blank email with the subject line “subscribe” (no quotes) to [email protected]. 1 Table of contents License Preface Forward by the author Contributing What this guide is and isn't How to determine what to secure and how to secure it Safe installation of Linux Choosing your install media It ain't over 'til... General concepts, server verses workstations, etc Physical / Boot security Physical access The computer BIOS LILO The Linux kernel Upgrading and compiling the kernel Kernel versions Administrative tools Access Telnet SSH LSH REXEC NSH Slush SSL Telnet Fsh secsh Local YaST sudo Super Remote Webmin Linuxconf COAS 2 System Files /etc/passwd /etc/shadow /etc/groups /etc/gshadow /etc/login.defs /etc/shells /etc/securetty Log files and other forms of monitoring sysklogd / klogd secure-syslog next generation syslog Log monitoring logcheck colorlogs WOTS swatch Kernel logging auditd Shell logging bash Shadow passwords Cracking passwords Jack the ripper Crack Saltine cracker VCU PAM Software Management RPM dpkg tarballs / tgz Checking file integrity RPM dpkg PGP MD5 Automatic updates RPM AutoRPM
    [Show full text]
  • Proquest Dissertations
    Saving Grace: Saqshbandi Spiritual Transmission in the Asian Sub-Continent, 1928-1997 Item Type text; Dissertation-Reproduction (electronic) Authors Lizzio, Kenneth Paul Publisher The University of Arizona. Rights Copyright © is held by the author. Digital access to this material is made possible by the University Libraries, University of Arizona. Further transmission, reproduction or presentation (such as public display or performance) of protected items is prohibited except with permission of the author. Download date 04/10/2021 09:49:29 Link to Item http://hdl.handle.net/10150/270114 INFORMATION TO USERS This manuscript has been reproduced from the microfilm master. UMI films the text directly from the original or copy submitted. Thus, some thesis and dissertation copies are in typewriter face, while others may be from any type of computer printer. The quality of this reproduction is dependent upon the quality of the copy submitted. Broken or indistina print, colored or poor quality illustrations and photographs, print bleedthrough, substandard margins, and improper alignment can adversely affect reproduction. In the unlikely event that the author did not send UMI a complete manuscript and there are missing pages, these will be noted. Also, if unauthorized copyright material had to be removed, a note will indicate the deletion. Oversize materials (e.g., maps, drawings, charts) are reproduced by sectioning the original, beginning at the upper left-hand comer and continuing from left to right in equal sections with small overlaps. Each original is also photographed in one exposure and is included in reduced form at the back of the book. Photographs included in the original manuscript have been reproduced xerographically in this copy.
    [Show full text]