DOCSLIB.ORG

Digital Safety & Security Lt Cdr Mike Rose RN ©

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

RNIOA Article 15 [17/05/2020] characteristics linked to their IP address to enable ‘tracking.’ Where internet-based criminality is Digital Safety & Security involved, the acquisition of banking and credit card Lt Cdr Mike Rose RN © data is often the main objective. Introduction The aim of this article is to help people understand Prior to the introduction of the internet, personal the risks they face and how to attempt to mitigate computers for home use were self-contained in that them. So, whether you’re accessing the internet the operating system was bought and installed by with your mobile phone, PC, tablet or laptop, you’re the supplier/user, and external communications potentially exposed to every hacker, digital thief and using the PC were not yet technically developed. spammer across the globe. Not to mention that The most likely risk therefore was the possibility of viruses, trojan horses, spyware and adware are someone switching on unattended, non-password- always just one click away. You wouldn’t drive protected computers and copying sensitive without insurance, a seat belt and a GPS device, information onto an external memory device. so, similarly, when you “surf the net”, you need to Essentially, users were in control of their computing make sure that you are well “buckled up” and well- equipment and paid real money for the services informed. This article is written as a guide to “safe and software they used to a known vendor. surfing” and is just as important for personal users as it is for large tech companies. Malicious websites Spyware, which is software that steals your sensitive data without consent, lurks in many corners of the internet; often in places where you'd least expect it. All it takes is to be in the wrong place at the wrong time to compromise your digital safety. Let’s set the scene: You open your web browser and start surfing; Curiosity takes you to a new, interesting site With the introduction of the internet, however, the and then one of the following may happen: issues of ‘payment for services’ and external software connections (often hundreds and to 1. A pop-up appears, and you click on it - even ‘unknown’ destinations) to our PCs and other just to close it; devices have introduced numerous risks, as well as 2. You click on a link which falsely claims to benefits, that can overwhelm the average user, take you to a site you are wishing to access; including those who have high levels of IT skill and competence. The rapid expansion of so-called ‘free 3. You click on a graphic to enlarge it; services’ also challenges the economics principle of You may have unknowingly fallen into a spyware Adam Smith that ‘there is no such thing as a free trap. Software is downloaded onto your device and lunch.’ The ‘mirage’ of free services provided is a digital “spy” is installed. Your personal information therefore the ‘elephant in the room,’ with economic is now at risk. benefits being accrued by providers by means of targeted advertising, which requires the known or Sometimes, simply opening a web page can initiate unknown acquisition of users’ personal an undesired installation. 1 Malicious E-mails/Messages 3) Update your operating system regularly (often Let’s set another scene: done automatically by the principal providers). There are still many companies around the world You open an e-mail that seems innocuous (if it is using older versions of operating systems and are an HTML email, you already could be in trouble) therefore extremely vulnerable to hacker attacks and then you click on a link or document or and viruses. image within the email; 4) Increase your browser security settings, for The HTML email starts an installation – a virus example: block “tracking”, automatically delete or spyware is downloaded to your device without cookies and cache data after each session, avoid a your knowledge; “master password”, block pop-ups, prevent sites Your device is infected and your personal adding “add-ons” to your browser without your information may well be at risk without approval, prevent accessibility services from safeguards. accessing your browser, don’t automatically send usage data, block dangerous content, block camera How do I know if I have been affected? access, block certificate requests, etc. The effects or symptoms of viruses or spyware 5) When you visit a company's website, it’s always include: stealing sensitive information such as better to type it into the address bar of your credit card numbers, usernames and passwords, browser, or use a bookmark (more efficient), directing your browser to suspect sites, changing or instead of clicking on a link which you find in an deleting your files, pestering you with endless pop- email or text message. ups, and slowing down your device. 6) Make sure that you have reputable and reliable Internet safety can be deceiving. Seemingly security products installed on all your devices: reputable sites may contain spyware traps, or the sites themselves may be counterfeit - “phishing” Antivirus protection (and scan your device sites posing as the real thing. The path away from regularly). You don’t need to pay a lot for internet safety often begins innocently enough; protection, in fact many are free for personal however, certain sites are more prone to be use, such as AVG, but it’s important always to sources of spyware, including: read the terms and conditions. Adult sites Firewall (Windows includes one, so you can simply enable it). File sharing sites Antispyware/adware software (and scan your Social networking sites device regularly). Not all antivirus software scans for spyware or adware. You don’t need to Recommendations pay a lot for protection; in fact, many are free for 1) Avoid questionable websites, and avoid websites personal use, such as ADW Cleaner. that contain “flash” elements, since this (old) software can be a source of malware. Your browser VPN (Virtual Private Network). This is should either warn you if a site contains flash, or particularly important if you regularly use free block you altogether. WiFi in restaurants, airports and other establishments. It's invaluable as free WiFi 2) Only download software from sites you trust and networks are notoriously risky (others can carefully evaluate free software and file-sharing “observe” what you are doing). Another applications before downloading them. 2 advantage is the freedom of web surfing away device unless you trust them, since it would be from the prying eyes of big companies and feasible for them to install malicious software or governments - a VPN service doesn’t allow steal your personal information. There have also advertising entities to know where you are or been many cases of customers being charged what you’re doing – you, with some degree of exhorbitant fees for services provided remotely confidence, have absolute privacy. However, which weren’t even necessary. some VPN providers, theoretically, can trace your true location and pass on data about you Open source software and what you do on the internet, but all There is an ever-growing international community providers claim that they do none of these of open source software programmers, designers, things. So, before you pay for such a service, advocates and supporters. Consequently, there is make sure you trust the provider. The Opera already an immense library of such software browser comes with a free (limited) VPN service available, so much so, that it is easily possible to built-in, so research similar deals. You may also have a fully-functional personal electronic device wish to install an “ad blocker” to your browser. with no paid software at all. Open source alternatives are usually as robust and secure as 7) Always use strong passwords (maybe consider expensive programs. Here are some examples: using a password generator) and avoid a single (master) password. If you need to store your a) Operating systems: Unix, Linux. There are passwords somewhere, store them off-line, many versions of Linux available, and several of preferably not on your device and change them them are nearly identical to MS Windows in their regularly. If you want to keep them on your device usability. Currently, there are virtually no viruses in a single document password-protect and/or which can attack Unix or Linux, so simply switching encrypt the document. your device to one of these operating systems would already be an enormous step in the “safe” 8) Always password-protect your device access, as direction (although a little programming knowledge you never know who could use it in your absence. is needed to migrate to this potentially safer option). 9) Never pass on or tell anyone your password(s). If you ever forget a password to a website, it is b) Browsers: Tor, Firefox. usually possible to set a new one by clicking on a c) Search engines: Duck Duck Go (which states it link such as “Forgot/Reset my password”. has no tracking, no cookies, no history). 10) When you install software, always read every d) VPN: OpenVPN, Libreswan VPN, SoftEther step of the installation carefully. Sometimes VPN, Openswan VPN, Freelan VPN, ProtonVPN spyware or adware comes piggy-backed on the downloaded software. Select “No” or “Skip” on the e) Office software: Open Office, Libre Office (both options to install secondary applications. of these provide near-identical functionality to the 11) When you make an on-line purchase, it is little MS Office suite of applications, and work largely effort to type in your credit card details, so consider seamlessly with MS Office documents). carfefully whether you need to store those details f) Image editing software: GIMP, Krita, Pinta (these on the company’s website/database.
Recommended publications
  • Kommentarer Till Utgåvan Debian 10 (Buster), 64-Bit PC

    Kommentarer Till Utgåvan Debian 10 (Buster), 64-Bit PC

    Kommentarer till utgåvan Debian 11 (bullseye), 64-bit PC The Debian Documentation Project (https://www.debian.org/doc/) 5 oktober 2021 Kommentarer till utgåvan Debian 11 (bullseye), 64-bit PC Detta dokument är fri mjukvara; du kan vidaredistribuera det och/eller modifiera det i enlighet med villkoren i Free Software Foundations GNU General Public License version 2. Detta program är distribuerat med förhoppning att det ska vara användbart men HELT UTAN GARAN- TIER; inte ens underförstådd garanti om SÄLJBARHET eller att PASSA ETT SÄRSKILT SYFTE. Läs mer i GNU General Public License för djupare detaljer. Du borde ha fått en kopia av GNU General Public License tillsammans med det här programmet; om inte, skriv till Free Software Foundation, Inc., 51 Franklin Street. Fifth Floor, Boston, MA, 02110-1301 USA. Licenstexten kan också hämtas på https://www.gnu.org/licenses/gpl-2.0.html och /usr/ share/common-licenses/GPL-2 på Debian-system. ii Innehåll 1 Introduktion 1 1.1 Rapportera fel i det här dokumentet . 1 1.2 Bidra med uppgraderingsrapporter . 1 1.3 Källor för det här dokumentet . 2 2 Vad är nytt i Debian 11 3 2.1 Arkitekturer med stöd . 3 2.2 Vad är nytt i distributionen? . 3 2.2.1 Skrivbordsmiljöer och kända paket . 3 2.2.2 Utskrifter och scanning utan drivrutiner . 4 2.2.2.1 CUPS och utskrifter utan drivrutiner . 4 2.2.2.2 SANE och scannrar utan drivrutiner . 4 2.2.3 Nytt generellt kommando ”open” . 5 2.2.4 Control groups v2 . 5 2.2.5 Beständig systemd-journal .
  • FIPS 140-2 Non-Proprietary Security Policy Oracle Linux 7 Libreswan

    FIPS 140-2 Non-Proprietary Security Policy Oracle Linux 7 Libreswan

    FIPS 140-2 Non-Proprietary Security Policy Oracle Linux 7 Libreswan Cryptographic Module FIPS 140-2 Level 1 Validation Software Version: R7-2.0.0 Date: April 06, 2018 Document Version 1.2 © Oracle Corporation This document may be reproduced whole and intact including the Copyright notice. Title: Oracle Linux 7 Libreswan Cryptographic Module Security Policy April 06, 2018 Author: Atsec Information Security Contributing Authors: Oracle Linux Engineering Oracle Security Evaluations – Global Product Security Oracle Corporation World Headquarters 500 Oracle Parkway Redwood Shores, CA 94065 U.S.A. Worldwide Inquiries: Phone: +1.650.506.7000 Fax: +1.650.506.7200 oracle.com Copyright © 2018, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. Oracle specifically disclaim any liability with respect to this document and no contractual obligations are formed either directly or indirectly by this document. This document may reproduced or distributed whole and intact including this copyright notice. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Oracle Linux 7 Libreswan Cryptographic Module Security Policy i
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns

    Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns

    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
  • Tunnel Broker Ipv4/Ipv6 Mediante Openvpn

    Tunnel Broker Ipv4/Ipv6 Mediante Openvpn

    Trabajo Fin de Grado Grado en Ingeniería de Tecnologías de Telecomunicación Tunnel Broker IPv4/IPv6 mediante OpenVPN Autor: José Luis Peña Higueras Tutor: Francisco José Fernández Jiménez Equation Chapter 1 Section 1 Dpto. de Telemática Escuela Técnica Superior de Ingeniería Universidad de Sevilla Sevilla, 2019 Trabajo Fin de Grado Grado en Ingeniería de Tecnologías de Telecomunicación Tunnel Broker IPv4/IPv6 mediante OpenVPN Autor: José Luis Peña Higueras Tutor: Francisco José Fernández Jiménez Profesor Colaborador Dpto. de Ingeniería Telemática Escuela Técnica Superior de Ingeniería Universidad de Sevilla Sevilla, 2019 Trabajo Fin de Grado: Tunnel Broker IPv4/IPv6 mediante OpenVPN Autor: José Luis Peña Higueras Tutor: Francisco José Fernández Jiménez El tribunal nombrado para juzgar el Trabajo arriba indicado, compuesto por los siguientes miembros: Presidente: Vocales: Secretario: Acuerdan otorgarle la calificación de: Sevilla, 2019 El Secretario del Tribunal A mi familia A mis maestros Agradecimientos En primer lugar, agradecer a mis padres, José Luis Peña Martínez y Francisca Higueras Ruiz por haberme ayudado durante todos los años de carrera y durante la realización de este proyecto. Ellos han estado en los buenos y malos momentos durante el paso por la carrera y me han proporcionado todo lo necesario para poder impartir estos estudios. Además me gustaría agradecer a mi hermano Francisco Javier por el apoyo durante la realización del proyecto. En segundo lugar, quiero agradecer a todos los profesores que han estado a lo largo de la carrera por darme todo el conocimiento necesario tanto en el ámbito académico como en el ámbito laboral. En especial, me gustaría agradecer a mi profesor Francisco José Fernández Jiménez por toda su ayuda durante todo el proyecto, por haber adaptado su horario a las necesidades que en muchas ocasiones tenía y sobre todo, por la orientación que me ha dado a lo largo de todo el proyecto.
  • Comparison of Virtual Networks Solutions for Community Clouds

    Comparison of Virtual Networks Solutions for Community Clouds

    KTH Royal Institute of Technology Bachelor Thesis Comparison of Virtual Networks Solutions for Community Clouds Examiner: Vladimir Vlassov Author: Albert Avellana Supervisors: Paris Carbone, Hooman Peiro Information and Communication Technology School February 2014 KTH Royal Institute of Technology Abstract Information and Communication Technology School Bachelor Thesis Comparison of Virtual Networks Solutions for Community Clouds by Albert Avellana Cloud computing has a huge importance and big impact nowadays on the IT world. The idea of community clouds has emerged recently in order to satisfy several user expectations. Clommunity is a European project that aims to provide a design and implementation of a self-configured, fully distributed, decentralized, scalable and robust cloud for a community of users across a commmunity network. One of the aspects to analyze in this design is which kind of Virtual Private Network (VPN) is going to be used to interconnect the nodes of the community members interested in access cloud services. In this thesis we will study, compare and analyze the possibility of using Tinc, IPOP or SDN-based solutions such as OpenFlow to establish such a VPN. Acknowledgements I would like to express my gratitude to all those who gave me the possibility to do this thesis in KTH. Firstly, I would like to thank Vlad for the opportunity he gave me to do this thesis and for his support. Secondly, thanks to my thesis supervisors: Paris Carbone and Hooman Peiro, who guided me through the research, helped me and gave me recommendations during this period. Also, I would like to thank F´elixFreitag and Leandro Navarro from Universitat Polit`ecnica de Catalunya for supporting me from Barcelona and make this stay in Stockholm possi- ble.
  • Bohrende Fragen Wireguard

    Bohrende Fragen Wireguard

    01/2018 VPN mit Wireguard aufsetzen Titelthema Bohrende Fragen Wireguard 38 Wer ein Virtual Private Network einrichten möchte, kämpft oftmals mit einer nicht ganz simplen Konfiguration. Wireguard verspricht, dass der Tunnelbau auch einfacher und flinker gelingen kann. Falko Benthin www.linux-magazin.de Quelltext und setzt auf starke Verschlüs- selungsalgorithmen, wofür Donenfeld Trevor Perrins Noise Protocol Framework [9] ins Boot nimmt. Für Zertifikate setzt das Wireguard-Protokoll auf Ed25519, für den Schlüsselaustausch auf Curve25519 (ECDHE) und für den Datentransport auf Chacha20-poly1305. Wireguard unterstützt allerdings nur eine kryptografische Suite, die sich je- doch bei Problemen ohne Weiteres aus- tauschen lässt. Anwender müssen ihre Verschlüsselungs-Suite also nicht mehr aus verschiedenen Chiffren selbst zusam- menbasteln. Das reduziert die Komple- xität und vermindert das Risiko von Si- cherheitslücken. Wireguard arbeitet aus © Péter Gudella, 123RF © Péter Sicht des Administrators zustandslos und bringt einen integrierten Schutz gegen VPNs (Virtual Private Networks) gelten In freien Wildbahn treffen Admins Wire- Denial-of-Service-Attacken mit. als sichere Nummer, wenn es darum guard bislang noch eher selten an. Das geht, das Home Office mit dem Firmen- dürfte vor allem daran liegen, dass das Installation und netz, Firmensitze mit der Zentrale oder Projekt noch nicht im offiziellen Linux- Inbetriebnahme Geschäftsreisende mit ihrer Kundenda- Kernel steckt und aktuell nur für Linux tenbank zu verbinden. Privatnutzer ver- und OS X verfügbar ist. Daneben feh- Die Repositories zahlreicher Distributio- wenden VPNs, um beispielsweise sicher len Sicherheits-Audits und das Protokoll nen bieten Wireguard bereits an, sodass über das Internet auf die heimische Wet- kann sich noch ändern. Experimentierfreudige es leicht mit Hilfe terstation mit angeschlossenem Daten- Trotzdem haben es manche VPN-Provi- der entsprechenden Paketverwaltung in- bankserver zuzugreifen.
  • Notas De Publicación De Debian 10 (Buster), 32-Bit MIPS (Big Endian)

    Notas De Publicación De Debian 10 (Buster), 32-Bit MIPS (Big Endian)

    Notas de publicación de Debian 10 (buster), 32-bit MIPS (big endian) El proyecto de documentación de Debian (https://www.debian.org/doc/) 2 de octubre de 2021 Notas de publicación de Debian 10 (buster), 32-bit MIPS (big endian) Esta documentación es software libre; puede redistribuirla o modificarla bajo los términos de la Licencia Pública General GNU, versión 2, publicada por la «Free Software Foundation». Este programa se distribuye con el deseo de ser útil, pero SIN GARANTÍA ALGUNA; ni siquiera la garantía implícita de MERCADEO o AJUSTE A PROPÓSITOS ESPECÍFICOS. Si desea más detalles, consulte la Licencia Pública General de GNU. Debería haber recibido una copia de la Licencia Pública General de GNU junto con este programa; si no fue así, escriba a la Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. El texto de la licencia se puede encontrar también en https://www.gnu.org/licenses/gpl-2. 0.html y en /usr/share/common-licenses/GPL-2 en los sistemas Debian. ii Índice general 1. Introducción 1 1.1. Cómo informar de fallos en este documento . 1 1.2. Cómo contribuir con informes de actualización . 1 1.3. Fuentes de este documento . 2 2. Las novedades de Debian 10 3 2.1. Arquitecturas soportadas . 3 2.2. ¿Qué novedades hay en la distribución? . 3 2.2.1. Arranque seguro UEFI . 4 2.2.2. AppArmor activo por omisión . 4 2.2.3. Bastionado opcional de APT . 5 2.2.4. Actualizaciones desatendidas para publicaciones estables . 5 2.2.5. Mejora sustancial en las páginas de manual para usuarios que hablan alemán .
  • SEMOS: a Middleware for Providing Secure and Mobility-Aware Sessions Over a P2P Overlay Network

    SEMOS: a Middleware for Providing Secure and Mobility-Aware Sessions Over a P2P Overlay Network

    SEMOS: A Middleware for Providing Secure and Mobility-Aware Sessions over a P2P Overlay Network B Daouda Ahmat1,2( ), Mahamat Barka2, and Damien Magoni3 1 Virtual University of Chad, N’Djamena, Chad [email protected] 2 University of N’Djamena, N’Djamena, Chad [email protected] 3 University of Bordeaux – LaBRI, Bordeaux, France [email protected] Abstract. Mobility and security are major features for both current and future network infrastructures. Nevertheless, the integration of mobility in traditional virtual private networks is difficult due to the costs of re-establishing broken secure tunnels and restarting broken connections. Besides session recovery costs, renegotiation steps also present inherent vulnerabilities. In order to address these issues, we propose a new dis- tributed mobile VPN system called SEcured MObile Session (SEMOS). Based upon our CLOAK peer-to-peer overlay architecture, SEMOS pro- vides security services to the application layer connections of mobile users. Secure and resilient sessions allow user connections to survive net- work failures as opposed to regular transport layer secured connections used by traditional VPN protocols. Keywords: Connectivity · Mobility · Overlay · P2P · VPN · Security 1 Introduction Mobile devices and wireless networks have progressively provided increased con- nectivity for users. However, such extended connectivity often comes at the expense of vulnerabilities to attacks such as eavesdropping. Malicious users can infiltrate public open networks and attack legitimate traffic. Virtual Pri- vate Networks (VPN) are offering high security to the network traffic [1]. Tra- ditionally, these systems allow the user to securely and remotely communicate with its Intranet through insecure public networks such as the Internet.
  • Security Guide for Cisco Unified Communications Manager, Release 12.5(1)SU2

    Security Guide for Cisco Unified Communications Manager, Release 12.5(1)SU2

    Security Guide for Cisco Unified Communications Manager, Release 12.5(1)SU2 First Published: 2020-02-03 Last Modified: 2021-09-27 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS (6387) Fax: 408 527-0883 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS. THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY. The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB's public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California. NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE. IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
  • Master's Thesis Template

    Master's Thesis Template

    DEGREE PROGRAMME IN WIRELESS COMMUNICATIONS ENGINEERING MASTER’S THESIS Wireless Backhaul in Future Cellular Communication Author Munim Morshed Supervisor Mika Ylianttila Second Examiner Jari Iinatti (Technical Advisor Jaakko Leinonen) August 2018 Morshed Munim. (2018) Wireless Backhaul for Future Cellular Communication. University of Oulu, Degree Programme in Wireless Communications Engineering. Master’s Thesis, 64 p. ABSTRACT In 5G technology, huge number of connected devices are needed to be considered where the expected throughput is also very ambitious. Capacity is needed and thus used frequencies are expected to get higher (above 6 GHz even up to 80 GHz), the Cell size getting smaller and number of cells arising significantly. Therefore, it is expected that wireless backhaul will be one option for Network operators to deliver capacity and coverage for high subscriber density areas with reduced cost. Wireless backhaul optimization, performance and scalability will be on the critical path on such cellular system. This master’s thesis work includes connecting a base station by using the wireless backhaul by introducing a VPN in the proposed network. We find the bottleneck and its solution. The network is using 3.5 GHz wireless link instead of LAN wire for backhaul link between the EnodeB and the core network (OpenEPC). LTE TDD band 42 acting as a Wireless Backhaul (Link between EnodeB and Band 42 CPE Router). The status and attachment procedure are observed from different nodes of the openEPC and from the VPN machine. Step by step we have established a tunnel between the CPE device and the VPN server using PPTP and L2TP with IPSec tunneling protocol.
  • How to Design a Trustworthy Ipsec VPN Device Employing Nested Tunnels?

    How to Design a Trustworthy Ipsec VPN Device Employing Nested Tunnels?

    How to design a trustworthy IPsec VPN device employing nested tunnels? Alexander Spottka Information Security, master's level (60 credits) 2018 Luleå University of Technology Department of Computer Science, Electrical and Space Engineering ABSTRACT nterprises use site-to-site Virtual Private Network (VPN) technology to securely transmit data over insecure networks, such as the Internet. By utilizing commercial VPN products, Eorganizations partially rely on the vendors to keep their communication out of reach from malicious groups or individuals. These VPN servers consist of thousands of subcomponents, which can be grouped into hardware, operating system, general software, protocols, and algorithms. The main idea of this study is to design an IPsec VPN architecture based on IPsec nesting. This is achieved by designing two servers that consist of different subcomponents on each layer. Thus, a vulnerability in one component will not necessarily put the entire IPsec communication at risk. The subcomponents picked for deployment are investigated and reviewed based on their trustworthiness, which will be based on later defined criteria. This trust analysis will act as a potential starting point for providing a framework for future trust assessments. i ACKNOWLEDGEMENTS efore presenting details of this study, I want to thank Combitech, and especially Per Westerberg and Daniel Arvidsson for their support of this thesis. Despite their busy Bschedule, we managed to initiate the thesis. Furthermore, I wish to thank Tero Päivärinta and Parvaneh Westerlund. Even though I decided to pursue this study on late notice, they supported me with detailed feedback and simplicity in the process. Personally, I want to thank my girlfriend Melina who, despite her own work, took care of everything else in order to help me stay focused on the study.
  • Release Notes for Debian 10 (Buster), IBM System Z

    Release Notes for Debian 10 (Buster), IBM System Z

    Release Notes for Debian 10 (buster), IBM System z The Debian Documentation Project (https://www.debian.org/doc/) September 30, 2021 Release Notes for Debian 10 (buster), IBM System z This document is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License, version 2, as published by the Free Software Foundation. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. The license text can also be found at https://www.gnu.org/licenses/gpl-2.0.html and /usr/ share/common-licenses/GPL-2 on Debian systems. ii Contents 1 Introduction 1 1.1 Reporting bugs on this document . 1 1.2 Contributing upgrade reports . 1 1.3 Sources for this document . 2 2 What’s new in Debian 10 3 2.1 Supported architectures . 3 2.2 What’s new in the distribution? . 3 2.2.1 UEFI Secure Boot . 4 2.2.2 AppArmor enabled per default . 4 2.2.3 Optional hardening of APT . 5 2.2.4 Unattended-upgrades for stable point releases . 5 2.2.5 Substantially improved man pages for German speaking users . 5 2.2.6 Network filtering based on nftables framework by default .