DOCSLIB.ORG

Opensuse Leap 42.2 Security Guide Opensuse Leap 42.2

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Opensuse Leap 42.2 Security Guide Opensuse Leap 42.2 Security Guide openSUSE Leap 42.2 Security Guide openSUSE Leap 42.2 Introduces basic concepts of system security, covering both local and network secu- rity aspects. Shows how to use the product inherent security software like AppAr- mor or the auditing system that reliably collects information about any security-rel- evant events. Publication Date: November 05, 2018 SUSE LLC 10 Canal Park Drive Suite 200 Cambridge MA 02141 USA https://www.suse.com/documentation Copyright © 2006– 2018 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Docu- mentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see http://www.suse.com/company/legal/ . All other third-party trademarks are the prop- erty of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its affiliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its affiliates, the authors nor the translators shall be held liable for possible errors or the consequences thereof. Contents About This Guide xv 1 Security and Confidentiality 1 1.1 Local Security and Network Security 1 Local Security 3 • Network Security 6 1.2 Some General Security Tips and Tricks 10 1.3 Using the Central Security Reporting Address 12 I AUTHENTICATION 13 2 Authentication with PAM 14 2.1 What is PAM? 14 2.2 Structure of a PAM Configuration File 15 2.3 The PAM Configuration of sshd 17 2.4 Configuration of PAM Modules 20 pam_env.conf 20 • pam_mount.conf.xml 21 • limits.conf 21 2.5 Configuring PAM Using pam-config 21 2.6 Manually Configuring PAM 22 2.7 For More Information 23 3 Using NIS 24 3.1 Configuring NIS Servers 24 Configuring a NIS Master Server 25 • Configuring a NIS Slave Server 29 3.2 Configuring NIS Clients 30 iii Security Guide 4 Setting Up Authentication Servers and Clients Using YaST 32 4.1 Configuring an Authentication Server with YaST 32 Initial Configuration of an Authentication Server 32 • Editing an Authentication Server Configuration with YaST 36 • Editing LDAP Users and Groups 41 4.2 Configuring an Authentication Client with YaST (SSSD) 41 5 LDAP—A Directory Service 47 5.1 LDAP versus NIS 48 5.2 Structure of an LDAP Directory Tree 48 5.3 Configuring LDAP Users and Groups in YaST 51 5.4 Manually Configuring an LDAP Server 52 5.5 Manually Administering LDAP Data 53 Inserting Data into an LDAP Directory 53 • Modifying Data in the LDAP Directory 55 • Searching or Reading Data from an LDAP Directory 56 • Deleting Data from an LDAP Directory 56 5.6 For More Information 56 6 Active Directory Support 58 6.1 Integrating Linux and Active Directory Environments 58 6.2 Background Information for Linux Active Directory Support 59 Domain Join 62 • Domain Login and User Homes 62 • Offline Service and Policy Support 64 6.3 Configuring a Linux Client for Active Directory 64 Choosing Which YaST Module to Use for Connecting to Active Directory 65 • Joining Active Directory Using User Logon Management 66 • Joining Active Directory Using Windows Domain Membership 70 • Checking Active Directory Connection Status 72 6.4 Logging In to an Active Directory Domain 73 GDM 73 • Console Login 73 iv Security Guide 6.5 Changing Passwords 74 7 Network Authentication with Kerberos 76 7.1 Kerberos Terminology 76 7.2 How Kerberos Works 78 First Contact 78 • Requesting a Service 79 • Mutual Authentication 79 • Ticket Granting—Contacting All Servers 79 • Compatibility to Windows 2000 80 7.3 Users' View of Kerberos 81 7.4 Installing and Administering Kerberos 82 Kerberos Network Topology 83 • Choosing the Kerberos Realms 84 • Setting Up the KDC Hardware 84 • Configuring Time Synchronization 85 • Configuring the KDC 86 • Configuring Kerberos Clients 89 • Configuring Remote Kerberos Administration 92 • Creating Kerberos Service Principals 93 • Enabling PAM Support for Kerberos 95 • Configuring SSH for Kerberos Authentication 95 • Using LDAP and Kerberos 96 7.5 For More Information 99 II LOCAL SECURITY 100 8 Configuring Security Settings with YaST 101 8.1 Security Overview 101 8.2 Predefined Security Configurations 102 8.3 Password Settings 103 8.4 Boot Settings 103 8.5 Login Settings 104 8.6 User Addition 104 8.7 Miscellaneous Settings 104 v Security Guide 9 Authorization with PolKit 106 9.1 Conceptual Overview 106 Available Authentication Agents 106 • Structure of PolKit 106 • Available Commands 107 • Available Policies and Supported Applications 107 9.2 Authorization Types 109 Implicit Privileges 109 • Explicit Privileges 110 • Default Privileges 110 9.3 Querying Privileges 110 9.4 Modifying Configuration Files 111 Adding Action Rules 111 • Adding Authorization Rules 113 • Modifying Configuration Files for Implicit Privileges 113 9.5 Restoring the Default Privileges 114 10 Access Control Lists in Linux 116 10.1 Traditional File Permissions 116 The setuid Bit 116 • The setgid Bit 117 • The Sticky Bit 117 10.2 Advantages of ACLs 117 10.3 Definitions 118 10.4 Handling ACLs 119 ACL Entries and File Mode Permission Bits 120 • A Directory with an ACL 121 • A Directory with a Default ACL 123 • The ACL Check Algorithm 126 10.5 ACL Support in Applications 127 10.6 For More Information 127 11 Encrypting Partitions and Files 128 11.1 Setting Up an Encrypted File System with YaST 129 Creating an Encrypted Partition during Installation 129 • Creating an Encrypted Partition on a Running System 130 • Creating an Encrypted File as a Container 131 • Encrypting the Content of Removable Media 131 11.2 Using Encrypted Home Directories 132 vi Security Guide 11.3 Using vi to Encrypt Single ASCII Text Files 133 12 Certificate Store 134 12.1 Activating Certificate Store 134 12.2 Importing Certificates 134 13 Intrusion Detection with AIDE 136 13.1 Why Using AIDE? 136 13.2 Setting Up an AIDE Database 136 13.3 Local AIDE Checks 139 13.4 System Independent Checking 140 13.5 For More Information 141 III NETWORK SECURITY 142 14 SSH: Secure Network Operations 143 14.1 ssh—Secure Shell 143 Starting X Applications on a Remote Host 144 • Agent Forwarding 144 14.2 scp—Secure Copy 144 14.3 sftp—Secure File Transfer 145 Using sftp 145 • Setting Permissions for File Uploads 146 14.4 The SSH Daemon (sshd) 147 Maintaining SSH Keys 147 • Rotating Host Keys 148 14.5 SSH Authentication Mechanisms 149 Generating an SSH Key 150 • Copying an SSH Key 150 • Using the ssh- agent 150 14.6 Port Forwarding 152 14.7 For More Information 152 vii Security Guide 15 Masquerading and Firewalls 154 15.1 Packet Filtering with iptables 154 15.2 Masquerading Basics 157 15.3 Firewalling Basics 158 15.4 SuSEFirewall2 159 Configuring the Firewall with YaST 160 • Configuring Manually 163 15.5 For More Information 166 16 Configuring a VPN Server 167 16.1 Conceptual Overview 167 Terminology 167 • VPN Scenarios 168 16.2 Setting Up a Simple Test Scenario 171 Configuring the VPN Server 172 • Configuring the VPN Clients 173 • Testing the VPN Example Scenario 174 16.3 Setting Up Your VPN Server Using a Certificate Authority 174 Creating Certificates 175 • Configuring the VPN Server 178 • Configuring the VPN Clients 180 16.4 Setting Up a VPN Server or Client Using YaST 181 16.5 For More Information 182 17 Managing X.509 Certification 184 17.1 The Principles of Digital Certification 184 Key Authenticity 185 • X.509 Certificates 185 • Blocking X.509 Certificates 186 • Repository for Certificates and CRLs 187 • Proprietary PKI 188 17.2 YaST Modules for CA Management 188 Creating a Root CA 188 • Changing Password 190 • Creating or Revoking a Sub-CA 191 • Creating or Revoking User Certificates 193 • Changing Default Values 194 • Creating Certificate Revocation Lists (CRLs) 195 • Exporting CA Objects to LDAP 196 • Exporting CA Objects as a File 197 • Importing Common Server Certificates 198 viii Security Guide IV CONFINING PRIVILEGES WITH APPARMOR 199 18 Introducing AppArmor 200 18.1 AppArmor Components 200 18.2 Background Information on AppArmor Profiling 201 19 Getting Started 202 19.1 Installing AppArmor 202 19.2 Enabling and Disabling AppArmor 203 19.3 Choosing Applications to Profile 204 19.4 Building and Modifying Profiles 204 19.5 Updating Your Profiles 206 20 Immunizing Programs 207 20.1 Introducing the AppArmor Framework 208 20.2 Determining Programs to Immunize 210 20.3 Immunizing cron Jobs 211 20.4 Immunizing Network Applications 211 Immunizing Web Applications 213 • Immunizing Network Agents 215 21 Profile Components and Syntax 216 21.1 Breaking an AppArmor Profile into Its Parts 217 21.2 Profile Types 219 Standard Profiles 219 • Unattached Profiles 220 • Local Profiles 220 • Hats 221 • Change rules 221 21.3 Include Statements 222 Abstractions 224 • Program Chunks 224 • Tunables 224 21.4 Capability Entries (POSIX.1e) 224 21.5 Network Access Control 225 ix Security Guide 21.6 Profile Names, Flags, Paths, and Globbing 226 Profile Flags 227 • Using Variables in Profiles 228 • Pattern Matching 229 • Namespaces 230 • Profile Naming and Attachment Specification 230 • Alias Rules 231 21.7 File Permission Access Modes 231 Read Mode (r) 232 • Write Mode (w) 232 • Append Mode (a) 232 • File Locking Mode (k) 232 • Link Mode (l) 233 • Link Pair 233 • Optional allow and file Rules 233 • Owner Conditional Rules 234 • Deny Rules
Load more

Recommended publications
  • Mysql NDB Cluster 7.5.16 (And Later)
    Licensing Information User Manual MySQL NDB Cluster 7.5.16 (and later) Table of Contents Licensing Information .......................................................................................................................... 2 Licenses for Third-Party Components .................................................................................................. 3 ANTLR 3 .................................................................................................................................... 3 argparse .................................................................................................................................... 4 AWS SDK for C++ ..................................................................................................................... 5 Boost Library ............................................................................................................................ 10 Corosync .................................................................................................................................. 11 Cyrus SASL ............................................................................................................................. 11 dtoa.c ....................................................................................................................................... 12 Editline Library (libedit) ............................................................................................................. 12 Facebook Fast Checksum Patch ..............................................................................................
    [Show full text]
  • Linux in Your Lap Session 9365
    Linux in Your Lap Session 9365 Rich Smrcina - Sytek Services, Inc. August 20, 2002 SHARE 99 – San Francisco GGiivviinngg CCrreeddiitt • UNIX is a registered trademark licensed exclusively through The Open Group. • LINUX is a registered trademark of Linus Torvalds & others. • Microsoft, Windows NT, Windows Millennium & MSDOS are registered trademarks of Microsoft Corporation • StarOffice Writer, Calc, & Impress are registered trademarks of Sun, Inc. • Applixware Words, Spreadsheets, Presents & Office are registered trademarks of VistaSource, Inc., a wholly-owned subsidiary of Applix, Inc. • Anyware Desktop & Anyware Realtime are registered trademarks of VistaSource, Inc. • WordPerfect Office 2000 is a registered trademark of Corel, Inc. • AbiWord & AbiSource are registered trademarks of AbiSource, Inc. • Gnumeric is copyright © 1998, 1999 by Michael de Icaza Amozurrutia • VMware is a trademark of VMware, Inc. • Wine is Copyright © 1993-2000 by the Wine Project authors. • Win4Lin is a registered trademark of NeTraverse Inc. • Satellite is a registered trademark of Toshiba Corporation. • Intel & Celeron are registered trademarks of Intel Corporation. • All other brand & product names are trademarks or registered trademarks of their respective companies Page 2 of “Linux in Your Lap”, Copyright 2002, Sytek Services, Inc. GGiivviinngg CCrreeddiitt • z/Linux &Turbolinux are registered trademarks of Turbolinux, Inc. • Red Hat is a registered trademark of Red Hat, Inc. • SuSE is a registered trademark of SuSE AG. Page 3 of “Linux in Your Lap”, Copyright 2002, Sytek Services, Inc. OOff CCoouurrssee • The Joys & Heartaches of Running Linux on a Laptop Speaker: Rich Smrcina, Sytek Services, Inc. Length: 1 hour Classification: Technical When: Tuesday 1:30pm Where: San Francisco Hilton Page 4 of “Linux in Your Lap”, Copyright 2002, Sytek Services, Inc.
    [Show full text]
  • Linux + Windows 95 Mini-HOWTO
    Linux + Windows 95 mini−HOWTO Jonathon Katz [email protected] Joy Yokley − Converted document from HTML to DocBook 4.1 (SGML) 2001−03−01 Revision History Revision 1.1.1 2001−04−19 Revised by: DCM Corrected a typo. Revision 1.1 2001−02−28 Revised by: JEY Revision 1.0 1998−08−15 Revised by: JK Revision 0.9 1996−10−26 Revised by: JK Revision 0.8 1996−06−25 Revised by: JK This document details how to install Linux on a machine that currently runs Windows 95" Linux + Windows 95 mini−HOWTO Table of Contents 1. Introduction.....................................................................................................................................................1 2. Installation Options........................................................................................................................................2 2.1. I Have This Partition I Want to Spare!.............................................................................................2 2.2. What Is This 528M 1024th Cylinder Stuff?.....................................................................................2 3. What's Next.....................................................................................................................................................3 4. Using Your New System.................................................................................................................................4 4.1. Installing on a Drive with FAT32.....................................................................................................4
    [Show full text]
  • Veritas™Resiliency Platform 3.3 Third-Party Software License Agreements Veritas Resiliency Platform: Third Party Software License Agreements
    Veritas™Resiliency Platform 3.3 Third-Party Software License Agreements Veritas Resiliency Platform: Third Party Software License Agreements Last updated: 2018-09-03 Document version: Document version: 3.3 Rev 0 Legal Notice Copyright © 2018 Veritas Technologies LLC. All rights reserved. Veritas, the Veritas Logo, Veritas InfoScale, and NetBackup are trademarks or registered trademarks of Veritas Technologies LLC or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This product may contain third-party software for which Veritas is required to provide attribution to the third party (“Third-Party Programs”). Some of the Third-Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Refer to the third-party legal notices document accompanying this Veritas product or available at: https://www.veritas.com/licensing/process The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Veritas Technologies LLC and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. VERITAS TECHNOLOGIES LLC SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION.
    [Show full text]
  • HPE Bladesystem Onboard Administrator User Guide
    HPE BladeSystem Onboard Administrator User Guide Abstract This guide provides information on the initial setup and operation of the HPE BladeSystem Onboard Administrator. It also covers use of the Onboard Administrator GUI and enclosure Insight Display. The information in this guide applies to version 4.71 (or later) of the HPE BladeSystem Onboard Administrator. Part Number: 695522-403 Published: September 2017 Edition: 29 © Copyright 2006, 2017 Hewlett Packard Enterprise Development LP Notices The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise website. Acknowledgments Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the United States and other countries. Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
    [Show full text]
  • Security and Hardening Guide Security and Hardening Guide SUSE Linux Enterprise Server 15 SP1
    SUSE Linux Enterprise Server 15 SP1 Security and Hardening Guide Security and Hardening Guide SUSE Linux Enterprise Server 15 SP1 Introduces basic concepts of system security, covering both local and network security aspects. Shows how to use the product inherent security software like AppArmor, SELinux, or the auditing system that reliably collects information about any security-relevant events. Supports the administrator with security-related choices and decisions in installing and setting up a secure SUSE Linux Enterprise Server and additional processes to further secure and harden that installation. Publication Date: September 24, 2021 SUSE LLC 1800 South Novell Place Provo, UT 84606 USA https://documentation.suse.com Copyright © 2006– 2021 SUSE LLC and contributors. All rights reserved. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or (at your option) version 1.3; with the Invariant Section being this copyright notice and license. A copy of the license version 1.2 is included in the section entitled “GNU Free Documentation License”. For SUSE trademarks, see https://www.suse.com/company/legal/ . All other third-party trademarks are the property of their respective owners. Trademark symbols (®, ™ etc.) denote trademarks of SUSE and its aliates. Asterisks (*) denote third-party trademarks. All information found in this book has been compiled with utmost attention to detail. However, this does not guarantee complete accuracy. Neither SUSE LLC, its
    [Show full text]
  • Linux Laptop-HOWTO
    Linux Laptop−HOWTO Linux Laptop−HOWTO Table of Contents Linux Laptop−HOWTO.....................................................................................................................................1 Werner Heuser <[email protected]>....................................................................................................1 1. Preface..................................................................................................................................................1 2. Copyright, Disclaimer and Trademarks...............................................................................................1 3. Which Laptop to Buy?.........................................................................................................................1 4. Laptop Distribution..............................................................................................................................2 5. Installation...........................................................................................................................................2 6. Hardware In Detail...............................................................................................................................2 7. Palmtops, Personal Digital Assistants − PDAs, Handheld PCs − HPCs.............................................2 8. Cellular Phones, Pagers, Calculators, Digital Cameras, Wearable Computing...................................3 9. Accessories..........................................................................................................................................3
    [Show full text]
  • Open Source Licenses
    Threat Protection System v5.1.0 Open Source Licenses The TippingPoint Threat Protection System (TPS) devices use open source components. Many open source license agreements require user documentation to contain notification that the open source software is included in the product. For inquiries about acquiring license code, contact support. The following agreements are for software that this product includes or may include: • "BIND License Agreement" on page 9 • "boost License Agreement" on page 10 • "coreutils License Agreement regarding coreutils & libmspack" on page 11 • "corosync License Agreement" on page 20 • "cpputest License Agreement" on page 21 • "License Agreement regarding dbus; ecryptfs-utils; gdb; glibc; gptfdisk; ipset; keyutils; libcgi; libnih; libstatgrab; linux; lm-sensors; lttng; mxml; net-tools; open-vm-tools; pam-tacplus; rng-tools; RRDTool; syslog-ng; upstart & util-linux" on page 22 • "gSoap License Agreement" on page 26 • "host-sflow License Agreement" on page 33 • "ipmitool License Agreement" on page 38 • "jitterentropy-rngd License Agreement" on page 39 • "libpcap License Agreement" on page 40 • "libxml License Agreement" on page 41 • "NTP License Agreement" on page 42 • "OpenSSH License Agreement" on page 43 • "License Agreement regarding OpenSSL & openssl-fips" on page 49 • "qDecoder License Agreement" on page 52 • "shadow License Agreement" on page 53 • "tcpdump License Agreement" on page 55 TippingPoint acknowledges that the following open source components may be used in this product: • Adaptive Public License
    [Show full text]
  • BIG-IP® Systems and Safenet® Luna SA HSM: Implementation
    BIG-IP® Systems and SafeNet® Luna SA HSM: Implementation Version 11.5 Table of Contents Table of Contents Legal Notices and Acknowledgments......................................................................................5 Legal Notices.....................................................................................................................5 Acknowledgments..............................................................................................................6 Implementing the SafeNet Luna HSM with BIG-IP Systems.................................................23 Overview: Implementing the SafeNet Luna SA HSM with BIG-IP Systems.....................23 Task summary..................................................................................................................23 Prerequisites for implementing BIG-IP and SafeNet Luna SA HSM.....................23 Preparing to install the Luna SA client on the BIG-IP system...............................24 Installing and registering the Luna SA client.........................................................24 Generating a key/certificate using tmsh................................................................25 Generating a key/certificate using the Luna SA client...........................................25 Importing external HSM keys using tmsh..............................................................26 Adding certificates using tmsh..............................................................................26 Creating a client SSL profile to use an external
    [Show full text]
  • Third Party Libraries License Module Version Additional Licenses
    TE 8.5.5 Use of Third Party Libraries License Module Version Additional Licenses Apache (1.1/2.0) activemq-broker 5.13.2 activemq-client 5.13.2 activemq-client 5.14.2 activemq-jms-pool 5.13.2 activemq-kahadb-store 5.13.2 activemq-openwire-legacy 5.13.2 activemq-pool 5.13.2 activemq-protobuf 1.1 activemq-spring 5.13.2 ant 1.6.3 avalon-framework 4.2.0 awaitility 1.7.0 axis 1.4 yes batik 1.6 W3C batik-css 1.7 W3C batik-ext 1.7 W3C batik-util 1.7 W3C BoneCP 0.8.0.RELEASE cglib 2.2.1 cglib-nodep 2.2 commons-beanutils 1.9.2 commons-cli 1.2 commons-codec 1.4 commons-codec 1.6 commons-codec 1.9 commons-collections 3.2.2 commons-configuration 1.5 commons-configuration 1.8 commons-dbutils 1.3 commons-dbutils 1.6 commons-digester 1.8 commons-discovery 0.2 commons-fileupload 1.3.2 commons-httpclient 3.1 commons-io 1.4 commons-io 2.0.1 commons-io 2.1 commons-io 2.2 commons-io 2.4 commons-lang 2.4 commons-lang 2.6 commons-lang3 3.3.2 commons-lang3 3.4 commons-logging 1.0.3 commons-logging 1.1 commons-logging 1.1.1 commons-logging 1.1.3 commons-logging 1.2 commons-math 2.2 Minpack commons-net 3.5 commons-pool 1.4 commons-pool2 2.4.2 fop & fop-hyph 0.94 W3C Page 1 of 8 TE 8.5.5 Use of Third Party Libraries License Module Version Additional Licenses geronimo-j2ee-management_1.1_spec 1.0.1 geronimo-jms_1.1_spec 1.1.1 geronimo-jta_1.0.1B_spec 1.0.1 google-gin 1.5.0 google-guava r09 google-guava 11.0.2 google-guava 14.0.1 google-guava 15.0 google-guava 16.0.1 google-guava 18.0 google-guava 20 google-guava 21 google-guava-gwt 15.0 guava-retrying 2.0.0 google-guice
    [Show full text]
  • Cisco Telepresence ISDN Link IL1.0 Open Source Documentation
    Open Source Used In Cisco TelePresence ISDN Link IL1.0 This document contains the licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of the source code to which you are entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License) , please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-18510928 Contents 1.1 bash 4.2 1.1.1 Available under license 1.2 coreutils 8.15 1.2.1 Available under license 1.3 curl 7.24.0 1.3.1 Available under license 1.4 dbus 1.4.10 1.4.1 Available under license 1.5 dbus-glib 0.88 1.5.1 Available under license 1.6 dhcp 4.1.1 1.6.1 Available under license 1.7 eventlog 0.2.12 Open Source Used In Cisco TelePresence ISDN Link IL1.0 1 1.7.1 Available under license 1.8 expat 2.0.1 1.8.1 Available under license 1.9 fuse 2.8.7 1.9.1 Available under license 1.10 gawk 3.1.6 1.10.1 Available under license 1.11 glib 2.24.0 1.11.1 Available under license 1.12 glibc 2.13 1.12.1 Available under license 1.13 glibmm 2.20.1 1.13.1 Available under license 1.14 grep 2.6.3 :2.el6 1.14.1 Available under license 1.15 gzip 1.4 1.15.1 Available under license 1.16 icu4c 3.8.1 1.16.1 Available under license 1.17 ipcalc 1.3 1.17.1 Available under license 1.18 iproute2 2.6.34 1.18.1 Available under license 1.19 iptables 1.4.13 1.19.1 Available under license 1.20 iputils s20100214 1.20.1
    [Show full text]
  • ADS Chapter 545
    ADS Chapter 545 Information Systems Security Partial Revision Date: 03/11/2021 Responsible Office: M/CIO/IA File Name: 545_031121 03/11/2021 Partial Revision Functional Series 500 – Management Services ADS 545 – Information Systems Security POC for ADS 545: Laura Samotshozo, (202) 916-4517, [email protected] Table of Contents 545.1 OVERVIEW 8 545.2 PRIMARY RESPONSIBILITIES 9 545.3 POLICY DIRECTIVES AND REQUIRED PROCEDURES 12 545.3.1 Program Management (PM) 13 545.3.1.1 Information Security Program Plan (PM-1) 13 545.3.1.2 Senior Information Security Officer (PM-2) 13 545.3.1.3 Information Security Resources (PM-3) 13 545.3.1.4 Plan of Action and Milestones Process (PM-4) 14 545.3.1.5 Information System Inventory (PM-5) 14 545.3.1.6 Information Security Measures of Performance (PM-6) 14 545.3.1.7 Enterprise Architecture (PM-7) 14 545.3.1.8 Critical Infrastructure Plan (PM-8) 15 545.3.1.9 Risk Management Strategy (PM-9) 15 545.3.1.10 Security Authorization Process (PM-10) 15 545.3.1.11 Mission/Business Process Definition (PM-11) 16 545.3.1.12 Insider Threat Program (PM-12) 16 545.3.1.13 Information Security Workforce (PM-13) 16 545.3.1.14 Testing, Training, and Monitoring (PM-14) 16 545.3.1.15 Contacts with Security Groups and Organizations (PM-15) 16 545.3.1.16 Threat Awareness Program (PM-16) 17 545.3.2 Access Control (AC) 17 545.3.2.1 Access Control Policy and Procedures (AC-1) 17 545.3.2.2 Account Management (AC-2) 17 545.3.2.3 Access Enforcement (AC-3) 19 545.3.2.4 Information Flow Enforcement (AC-4) 19 545.3.2.5 Separation of
    [Show full text]