DOCSLIB.ORG

Copyright and Licensing Guide

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Copyright and Licensing Guide WatchGuard System Manager, Fireware v12.1 Dimension v2.1.1 Copyright and Licensing Guide All Firebox models Revised: December 2017 Updated for: Fireware v12.1 and Dimension 2.1.1 Notice to Users Information in this guide is subject to change without notice. No part of this guide may be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of WatchGuard Technologies, Inc. Copyright© 1998–2017 WatchGuard Technologies, Inc. All rights reserved. All trademarks or trade names mentioned herein, if any, are the property of their respective owners. ABOUT WATCHGUARD WatchGuard® Technologies, Inc. is a global leader in network security, providing best- ADDRESS in-class Unified Threat Management, Next Generation Firewall, secure Wi-Fi, and 505 Fifth Avenue South network intelligence products and services to more than 75,000 customers worldwide. Suite 500 The company’s mission is to make enterprise-grade security accessible to companies of Seattle, WA 98104 all types and sizes through simplicity, making WatchGuard an ideal solution for SUPPORT Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, www.watchguard.com/support Washington, with offices throughout North America, Europe, Asia Pacific, and Latin U.S. and Canada +877.232.3531 America. To learn more, visit WatchGuard.com. All Other Countries +1.206.521.3575 For additional information, promotions and updates, follow WatchGuard on Twitter, SALES @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec U.S. and Canada +1.800.734.9905 blog, Secplicity, for real-time information about the latest threats and how to cope with All Other Countries +1.206.613.0895 them at www.secplicity.org. ii WatchGuard System Manager / Fireware v12.1 Table of Contents Notice to Users........................................................................................................................................................ 1 Copyright Information......................................................................................................................................... 1 Patents....................................................................................................................................................................... 2 Trademarks .............................................................................................................................................................. 2 Licensing for WSM, Fireware, TDR, and Dimension................................................................................... 2 accel-ppp ............................................................................................................................................................. 3 Apache Axis2/C.................................................................................................................................................. 3 Apache Axis2/Java............................................................................................................................................ 3 Apache Commons ............................................................................................................................................ 3 Apache FOP......................................................................................................................................................... 3 Apache POI.......................................................................................................................................................... 3 Apache Portable Runtime.............................................................................................................................. 3 Apache Rampart/C ........................................................................................................................................... 3 Apache Server .................................................................................................................................................... 4 Apache WS Common Utilities ...................................................................................................................... 4 Apache xmlrpc................................................................................................................................................... 4 arptables .............................................................................................................................................................. 4 atftp........................................................................................................................................................................ 4 ath 10k-firmware............................................................................................................................................... 4 atws........................................................................................................................................................................ 5 awscli..................................................................................................................................................................... 5 backports_abc.................................................................................................................................................... 5 backstrap.............................................................................................................................................................. 9 binutils .................................................................................................................................................................. 9 Boost...................................................................................................................................................................... 9 Bootstrap............................................................................................................................................................ 10 bootstrap-datetimepicker.js ....................................................................................................................... 10 boto3 ................................................................................................................................................................... 10 botocore............................................................................................................................................................. 10 Bouncy Castle Crypto APIs........................................................................................................................... 10 bridge-utils........................................................................................................................................................ 10 BusyBox .............................................................................................................................................................. 10 bzip2 .................................................................................................................................................................... 11 c-ares ................................................................................................................................................................... 11 cached-property.............................................................................................................................................. 12 cairo ..................................................................................................................................................................... 12 celementree...................................................................................................................................................... 12 certifi.................................................................................................................................................................... 13 CGIC ..................................................................................................................................................................... 13 Cheetah .............................................................................................................................................................. 13 CherryPy License (BSD)................................................................................................................................. 13 conntrack-tools................................................................................................................................................ 14 crypt..................................................................................................................................................................... 14 ctengine ............................................................................................................................................................. 14 ctypes .................................................................................................................................................................. 14 curl........................................................................................................................................................................ 15 Cyberons_SNMP.............................................................................................................................................
Load more

Recommended publications
  • Secure Socket Layer (SSL) Transport Layer Security (TLS)
    Secure Socket Layer (SSL) Transport Layer Security (TLS) © André Zúquete Advanced Network Security TLS (Transport Layer Security, RFC 5246): Goals w Secure communication protocol over TCP/IP ® Standard inspired by SSL V3 (Secure Sockets Layer) ® Handles secure sessions per application over TCP/IP • Initially conceived for HTTP traffic • Currently being used by other kinds of traffic w Security mechanisms ® TCP payload protection • Confidentiality • Stream integrity ® Key distribution ® Peer authentication • Server authentication (the normal scenario) • Client authentication • Usually a person • Not usually explored © André Zúquete Advanced Network Security 1 Change Handshake Alert IMAP, Cipher Protocol Protocol HTTP Spec. etc. IMAP, TLS/SSL: HTTP etc. Protocols Record Protocol w Handshake Protocol TCP ® Key distribution • Master secrets (48 bytes) • Computed with DH; or • Chose by the client, upload to the server encrypted with the server’s public key • Session keys • Computed from a master secret and two nonces exchanged ® Peer authentication • Asymmetric encryption with long-term or ephemeral keys • Public key certificates for long-term public keys w Record Protocol ® Handling of secure data records ® Compression, confidentiality, integrity control © André Zúquete Advanced Network Security TLS/SSL versions w SSL ® 1.0 ® 2.0: 1995, prohibited by RFC 6176 (2011) ® 3.0: 1996, RFC 6101 (2011), deprecated by RFC 7568 (2015) w TLS ® 1.0: 1999: RFC 2246 SSL BEAST (2011) ® 1.1: 2006: RFC 4346 ® 1.2: 2008: RFC 5246 ® 1.3: 2018: RFC 8446 © André
    [Show full text]
  • ROADS and BRIDGES: the UNSEEN LABOR BEHIND OUR DIGITAL INFRASTRUCTURE Preface
    Roads and Bridges:The Unseen Labor Behind Our Digital Infrastructure WRITTEN BY Nadia Eghbal 2 Open up your phone. Your social media, your news, your medical records, your bank: they are all using free and public code. Contents 3 Table of Contents 4 Preface 58 Challenges Facing Digital Infrastructure 5 Foreword 59 Open source’s complicated relationship with money 8 Executive Summary 66 Why digital infrastructure support 11 Introduction problems are accelerating 77 The hidden costs of ignoring infrastructure 18 History and Background of Digital Infrastructure 89 Sustaining Digital Infrastructure 19 How software gets built 90 Business models for digital infrastructure 23 How not charging for software transformed society 97 Finding a sponsor or donor for an infrastructure project 29 A brief history of free and public software and the people who made it 106 Why is it so hard to fund these projects? 109 Institutional efforts to support digital infrastructure 37 How The Current System Works 38 What is digital infrastructure, and how 124 Opportunities Ahead does it get built? 125 Developing effective support strategies 46 How are digital infrastructure projects managed and supported? 127 Priming the landscape 136 The crossroads we face 53 Why do people keep contributing to these projects, when they’re not getting paid for it? 139 Appendix 140 Glossary 142 Acknowledgements ROADS AND BRIDGES: THE UNSEEN LABOR BEHIND OUR DIGITAL INFRASTRUCTURE Preface Our modern society—everything from hospitals to stock markets to newspapers to social media—runs on software. But take a closer look, and you’ll find that the tools we use to build software are buckling under demand.
    [Show full text]
  • CIS Debian Linux 7 Benchmark V1.0.0 - 12-31-2015
    CIS Debian Linux 7 Benchmark v1.0.0 - 12-31-2015 http://benchmarks.cisecurity.org The CIS Security Benchmarks division provides consensus-oriented information security products, services, tools, metrics, suggestions, and recommendations (the “SB Products”) as a public service to Internet users worldwide. Downloading or using SB Products in any way signifies and confirms your acceptance of and your binding agreement to these CIS Security Benchmarks Terms of Use. CIS SECURITY BENCHMARKS TERMS OF USE BOTH CIS SECURITY BENCHMARKS DIVISION MEMBERS AND NON-MEMBERS MAY: Download, install, and use each of the SB Products on a single computer, and/or Print one or more copies of any SB Product that is in a .txt, .pdf, .doc, .mcw, or .rtf format, but only if each such copy is printed in its entirety and is kept intact, including without limitation the text of these CIS Security Benchmarks Terms of Use. UNDER THE FOLLOWING TERMS AND CONDITIONS: SB Products Provided As Is. CIS is providing the SB Products “as is” and “as available” without: (1) any representations, warranties, or covenants of any kind whatsoever (including the absence of any warranty regarding: (a) the effect or lack of effect of any SB Product on the operation or the security of any network, system, software, hardware, or any component of any of them, and (b) the accuracy, utility, reliability, timeliness, or completeness of any SB Product); or (2) the responsibility to make or notify you of any corrections, updates, upgrades, or fixes. Intellectual Property and Rights Reserved. You are not acquiring any title or ownership rights in or to any SB Product, and full title and all ownership rights to the SB Products remain the exclusive property of CIS.
    [Show full text]
  • A Letter to the FCC [PDF]
    Before the FEDERAL COMMUNICATIONS COMMISSION Washington, DC 20554 In the Matter of ) ) Amendment of Part 0, 1, 2, 15 and 18 of the ) ET Docket No. 15­170 Commission’s Rules regarding Authorization ) Of Radio frequency Equipment ) ) Request for the Allowance of Optional ) RM­11673 Electronic Labeling for Wireless Devices ) Summary The rules laid out in ET Docket No. 15­170 should not go into effect as written. They would cause more harm than good and risk a significant overreach of the Commission’s authority. Specifically, the rules would limit the ability to upgrade or replace firmware in commercial, off­the­shelf home or small­business routers. This would damage the compliance, security, reliability and functionality of home and business networks. It would also restrict innovation and research into new networking technologies. We present an alternate proposal that better meets the goals of the FCC, not only ensuring the desired operation of the RF portion of a Wi­Fi router within the mandated parameters, but also assisting in the FCC’s broader goals of increasing consumer choice, fostering competition, protecting infrastructure, and increasing resiliency to communication disruptions. If the Commission does not intend to prohibit the upgrade or replacement of firmware in Wi­Fi ​ ​ devices, the undersigned would welcome a clear statement of that intent. Introduction We recommend the FCC pursue an alternative path to ensuring Radio Frequency (RF) compliance from Wi­Fi equipment. We understand there are significant concerns regarding existing users of the Wi­Fi ​ spectrum, and a desire to avoid uncontrolled change. However, we most strenuously advise against prohibiting changes to firmware of devices containing radio components, and furthermore advise against allowing non­updatable devices into the field.
    [Show full text]
  • Mac OS X Server Administrator's Guide
    034-9285.S4AdminPDF 6/27/02 2:07 PM Page 1 Mac OS X Server Administrator’s Guide K Apple Computer, Inc. © 2002 Apple Computer, Inc. All rights reserved. Under the copyright laws, this publication may not be copied, in whole or in part, without the written consent of Apple. The Apple logo is a trademark of Apple Computer, Inc., registered in the U.S. and other countries. Use of the “keyboard” Apple logo (Option-Shift-K) for commercial purposes without the prior written consent of Apple may constitute trademark infringement and unfair competition in violation of federal and state laws. Apple, the Apple logo, AppleScript, AppleShare, AppleTalk, ColorSync, FireWire, Keychain, Mac, Macintosh, Power Macintosh, QuickTime, Sherlock, and WebObjects are trademarks of Apple Computer, Inc., registered in the U.S. and other countries. AirPort, Extensions Manager, Finder, iMac, and Power Mac are trademarks of Apple Computer, Inc. Adobe and PostScript are trademarks of Adobe Systems Incorporated. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Netscape Navigator is a trademark of Netscape Communications Corporation. RealAudio is a trademark of Progressive Networks, Inc. © 1995–2001 The Apache Group. All rights reserved. UNIX is a registered trademark in the United States and other countries, licensed exclusively through X/Open Company, Ltd. 062-9285/7-26-02 LL9285.Book Page 3 Tuesday, June 25, 2002 3:59 PM Contents Preface How to Use This Guide 39 What’s Included
    [Show full text]
  • Open Source Documentation Used in WAP4410N, Version 2.0.5.X
    Open Source Used In WAP4410N 2.0.5.x This document contains the licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of the source code to which you are entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License) , please contact us at http://www.cisco.com/go/smallbiz_opensource_request. In your requests please include the following reference number 78EE117C99-24342489 En ce qui a trait au logiciel gratuit ou à exploitation libre figurant dans ce document, si vous avez des questions ou souhaitez recevoir une copie du code source, auquel vous avez droit en vertu des licences gratuites ou d'exploitation libre applicables (telles que licences GNU Lesser/General Public), veuillez communiquer avec nous à l'adresse http://www.cisco.com/go/smallbiz_opensource_request. Dans vos demandes, veuillez inclure le numéro de référence 78EE117C99-24342489 Contents 1.1 ag7100 1.0 1.1.1 Available under license 1.2 binutils 2.16.1 1.2.1 Available under license 1.3 busybox 1.1.0 1.3.1 Available under license 1.4 ccache 2.4 78-20798-01 Open Source Used In WAP4410N 2.0.5.x 1 1.4.1 Available under license 1.5 dhcp 0.1 1.5.1 Available under license 1.6 gcc 3.4.4 1.6.1 Available under license 1.7 genext2fs 1.3 1.7.1 Available under license 1.8 hostapd 0.5.9 1.8.1 Available under license 1.9 libiconv 1.8 1.9.1 Available under license 1.10 libupnp 1.2.1 1.10.1 Available under license
    [Show full text]
  • Post-Quantum Authentication in Openssl with Hash-Based Signatures
    Recalling Hash-Based Signatures Motivations for Cryptographic Library Integration Cryptographic Libraries OpenSSL & open-quantum-safe XMSS Certificate Signing in OpenSSL / open-quantum-safe Conclusions Post-Quantum Authentication in OpenSSL with Hash-Based Signatures Denis Butin, Julian Wälde, and Johannes Buchmann TU Darmstadt, Germany 1 / 26 I Quantum computers are not available yet, but deployment of new crypto takes time, so transition must start now I Well established post-quantum signature schemes: hash-based cryptography (XMSS and variants) I Our goal: make post-quantum signatures available in a popular security software library: OpenSSL Recalling Hash-Based Signatures Motivations for Cryptographic Library Integration Cryptographic Libraries OpenSSL & open-quantum-safe XMSS Certificate Signing in OpenSSL / open-quantum-safe Conclusions Overall Motivation I Networking requires authentication; authentication is realized by cryptographic signature schemes I Shor’s algorithm (1994): most public-key cryptography (RSA, DSA, ECDSA) breaks once large quantum computers exist I Post-quantum cryptography: public-key algorithms thought to be secure against quantum computer attacks 2 / 26 Recalling Hash-Based Signatures Motivations for Cryptographic Library Integration Cryptographic Libraries OpenSSL & open-quantum-safe XMSS Certificate Signing in OpenSSL / open-quantum-safe Conclusions Overall Motivation I Networking requires authentication; authentication is realized by cryptographic signature schemes I Shor’s algorithm (1994): most public-key
    [Show full text]
  • Using Unsniff Network Analyzer to Analyze SSL / TLS
    Whitepaper – SSL / TLS Analysis using Unsniff Network Analyzer Whitepaper : Using Unsniff Network Analyzer to analyze SSL / TLS A number of applications today use SSL and TLS as a security layer. Unsniff allows authorized users to analyze these applications by decrypting the SSL/TLS streams in real time. This is done without interrupting the SSL streams in any way. Unsniff can also strip out the SSL/TLS layer completely and analyze the application protocols as if the security layer never existed. For example: If you are working with a secure web server, you can analyze the HTTPS protocol, including the ability to reconstruct complete web pages. References : RFC2246 (TLS 1.0), RFC2459 (X.509v3), PKCS Standards (RSA Website) Feature overview Working with PDUs and Streams Decrypting SSL/TLS Analyzing upper layer protocols Howto : Analyzing a secure Microsoft IIS web server Howto : Analyzing a secure Apache web server Howto : Analyzing protocols tunneled via stunnel FAQ 1/12 © Unleash Networks, All rights reserved Whitepaper – SSL / TLS Analysis using Unsniff Network Analyzer Feature Overview Unsniff shows SSL/TLS records as separate entities in the PDU sheet irrespective of SSL records how they were carried at the link layer. Stream Monitor entire SSL / TLS sessions in real time via the Streams sheet. analysis Provided you have the servers private key material you can decrypt SSL / TLS Decryption sessions in real time. Most of the popular ciphers are supported. Advanced Unsniff supports SSL / TLS features such as session reuse and cipher renegotiation. Decryption SSL/TLS only acts as a transport layer for higher layer protocols. Ultimately we are interested in the analysis of higher layer protocols such as HTTP, LDAP etc.
    [Show full text]
  • Linux Networking Cookbook.Pdf
    Linux Networking Cookbook ™ Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Editor: Mike Loukides Indexer: John Bickelhaupt Production Editor: Sumita Mukherji Cover Designer: Karen Montgomery Copyeditor: Derek Di Matteo Interior Designer: David Futato Proofreader: Sumita Mukherji Illustrator: Jessamyn Read Printing History: November 2007: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc. Java™ is a trademark of Sun Microsystems, Inc. .NET is a registered trademark of Microsoft Corporation. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]
  • CS670: Network Security
    Cristina Nita-Rotaru CS670: Network security IPsec. TLS. Sources 1. Many slides courtesy of Christo Wilson and Wil Robertson 2. IPSec Key management based on slides from B. LaMacchia 3. Analysis of the HTTPS Certificate Ecosystem, IMC 2013: https://jhalderm.com/pub/papers/https-imc13.pdf 4. Analysis of SSL certificate reissues and revocations in the wake of Heartbleed, IMC 2014: http://www.ccs.neu.edu/home/cbw/pdf/imc254-zhang.pdf 2 IPSec; TLS 1: Protecting IP: IPsec OSI/ISO Model Application Application Presentation Presentation Session Session Transport Transport Network Network Data Link Data Link Physical Layer Physical Layer 4 IPSec; TLS IPsec design goals } Design philosophy: applications cannot be trusted to implement end-to-end security properly and security should be built into the network itself } Transparent to applications (below transport layer ) } Goal: Facilitate direct IP connectivity between sensitive hosts through untrusted networks } It is designed to be extremely flexible } Different crypto algorithms and key exchange supported } Different security services compositions } Different granularities of protection 5 IPSec; TLS Security goals } IPsec provides: } access control } integrity } data origin authentication } rejection of replayed packets } confidentiality } IETF IPSEC Working Group } Documented in RFCs and Internet drafts 6 IPSec; TLS Security and deployment mechanisms } Operates based on security associations } Deployment: } Transport-mode: encapsulates an upper-layer protocol (e.g. TCP or UDP) and preapends an
    [Show full text]
  • Ubuntu Server Guide Basic Installation Preparing to Install
    Ubuntu Server Guide Welcome to the Ubuntu Server Guide! This site includes information on using Ubuntu Server for the latest LTS release, Ubuntu 20.04 LTS (Focal Fossa). For an offline version as well as versions for previous releases see below. Improving the Documentation If you find any errors or have suggestions for improvements to pages, please use the link at thebottomof each topic titled: “Help improve this document in the forum.” This link will take you to the Server Discourse forum for the specific page you are viewing. There you can share your comments or let us know aboutbugs with any page. PDFs and Previous Releases Below are links to the previous Ubuntu Server release server guides as well as an offline copy of the current version of this site: Ubuntu 20.04 LTS (Focal Fossa): PDF Ubuntu 18.04 LTS (Bionic Beaver): Web and PDF Ubuntu 16.04 LTS (Xenial Xerus): Web and PDF Support There are a couple of different ways that the Ubuntu Server edition is supported: commercial support and community support. The main commercial support (and development funding) is available from Canonical, Ltd. They supply reasonably- priced support contracts on a per desktop or per-server basis. For more information see the Ubuntu Advantage page. Community support is also provided by dedicated individuals and companies that wish to make Ubuntu the best distribution possible. Support is provided through multiple mailing lists, IRC channels, forums, blogs, wikis, etc. The large amount of information available can be overwhelming, but a good search engine query can usually provide an answer to your questions.
    [Show full text]
  • Proceedings of the 14Th Systems Administration Conference (LISA 2000)
    USENIX Association Proceedings of the 14th Systems Administration Conference (LISA 2000) New Orleans, Louisiana, USA December 3– 8, 2000 THE ADVANCED COMPUTING SYSTEMS ASSOCIATION © 2000 by The USENIX Association All Rights Reserved For more information about the USENIX Association: Phone: 1 510 528 8649 FAX: 1 510 548 5738 Email: [email protected] WWW: http://www.usenix.org Rights to individual papers remain with the author or the author's employer. Permission is granted for noncommercial reproduction of the work for educational or research purposes. This copyright notice must be included in the reproduced paper. USENIX acknowledges all trademarks herein. Automating Request-based Software Distribution Chris Hemmerich – Indiana University ABSTRACT Request-based distribution of software applications over a network is a difficult problem that many organizations face. While several programs address this issue, many lack features required for more sophisticated exports, and more complex solutions usually have a very limited scope. Managing these exports by hand is usually a time consuming and error-prone task. We were in such a situation when we developed the Automated Netdist program a year ago. Automated Netdist provides an automated mechanism for system administrators to request and receive software exports with an immediate turnaround. The system provides a simple user interface, secure authentication, and both user and machine based authentication. Each of these is configurable on a package-by-package basis for flexibility. Netdist is a modular service. The user interface, authentication and authorization are independent of the export protocol. We are currently distributing via NFS, but adding an additional protocol is as simple as writing a script to perform the export and plugging it into Netdist.
    [Show full text]