DOCSLIB.ORG

Operating System Stability and Security Through Process Homeostasis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Operating System Stability and Security Through Process Homeostasis Operating System Stability and Security through Process Homeostasis by Anil Buntwal Somayaji B.S., Massachusetts Institute of Technology, 1994 DISSERTATION Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Computer Science The University of New Mexico Albuquerque, New Mexico July 2002 c 2002, Anil Buntwal Somayaji iii iv Dedication To all those system administrators who spend their days nursemaiding our computers. v vi Acknowledgments Graduate school has turned out to be a long, difficult, but rewarding journey for me, and I would not have made it this far without the help of many, many people. I cannot hope to completely document how these influences have helped me grow; nevertheless, I must try and acknowledge those who have accompanied me. First, I would like to thank my committee: David Ackley, Rodney Brooks, Barney Maccabe, Margo Seltzer, and especially my advisor, Stephanie Forrest. They all had to read through a rougher manuscript than I would have liked, and had to do so under significant time pressures. They provided invaluable feedback on my ideas and experiments. Most importantly, they have been my teachers. I'm also grateful to have been part of the Adaptive Computation Group at the University of New Mexico and to have been a member of the complex adaptive systems community here in New Mexico. Fellow graduate students at UNM and colleagues at the Santa Fe Institute have shaped my thoughts and have inspired me to do my best work. I will miss all of you. The Computer Science Department at UNM has been my home for the past several years. Its faculty members have instructed me and have treated me as a colleague; its administrative staff have helped me with the practical details of being a graduate student. The department has been a supportive environment, and it will be hard to leave. Also, the Systems Support Group of the UNM Computer Science department helped me collect some of my most important datasets. In the process, they sometimes had to deal with crises that I inadvertently created. They have been both helpful and understanding. Over the past several years many people in the computer security community have helped us understand important past work, yet have also encouraged us to pursue our own vision. They have been valuable colleagues and friends. The Massachusetts Institute of Technology was my home during my undergrad- uate years, and I was also a visiting graduate student in its Artificial Intelligence laboratory during the 1996-97 academic year. This year was a valuable part of my graduate school education. With the help of my former physics teacher, Bill Rodriguez, the University School of Nashville's web server provided the best data on the behavior of pH. Finally, I must thank my many friends for supporting me, Dana for being there during the last stages of my graduate career, and my parents and my sister Shalini for providing the love and support to get me this far. This work was funded by NSF, DARPA, ONR, Intel, and IBM. vii viii Operating System Stability and Security through Process Homeostasis by Anil Buntwal Somayaji ABSTRACT OF DISSERTATION Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Computer Science The University of New Mexico Albuquerque, New Mexico July 2002 Operating System Stability and Security through Process Homeostasis by Anil Buntwal Somayaji B.S., Massachusetts Institute of Technology, 1994 Ph.D., Computer Science, University of New Mexico, 2002 Abstract Modern computer systems are plagued with stability and security problems: ap- plications lose data, web servers are hacked, and systems crash under heavy load. Many of these problems arise from rare program behaviors. pH (process Homeosta- sis) is a Linux 2.2 kernel extension which detects unusual program behavior and responds by slowing down that behavior. Inspired by the homeostatic mechanisms organisms use to stabilize their internal environment, pH detects changes in pro- gram behavior by observing changes in short sequences of system calls. When pH determines that a process is behaving unusually, it responds by slowing down that process's system calls. If the anomaly corresponds to a security violation, delays often stop attacks before they can do damage. Delays also give users time to decide whether further actions are warranted. xi My dissertation describes the rationale, design, and behavior of pH. Experimental results are reported which show that pH effectively captures the normal behavior of a variety of programs under normal use conditions. This captured behavior allows it to detect anomalies with a low rate of false positives (as low as 1 user interven- tion every five days). Data are presented that show pH responds effectively and autonomously to buffer overflows, trojan code, and kernel security flaws. pH can also help administrators by detecting newly-introduced configuration errors. At the same time, pH is extremely lightweight: it incurs a general performance penalty of only a few percent, a slowdown that is imperceptible in practice. The pH prototype is licensed under the GNU General Public License and is available for download at http://www.cs.unm.edu/∼soma/pH/. xii Contents List of Figures xix List of Tables xxi 1 Introduction 1 1.1 Motivation . 2 1.2 Computer Homeostasis . 3 1.3 System-call Monitoring and Response . 6 1.4 Contributions . 8 1.5 Overview . 9 2 Background 11 2.1 Computer Security . 11 2.1.1 Intrusion Detection . 13 2.1.2 Automated Response . 17 2.1.3 Kernel-level Security Projects . 19 xiii Contents 2.2 Operating Systems . 20 2.3 Compilers . 21 2.4 Fault Tolerance . 22 2.5 System Administration . 24 2.6 Artificial Life & Robotics . 25 3 Homeostasis 29 3.1 Biological Homeostasis . 30 3.1.1 Temperature Control . 30 3.1.2 Immune System . 31 3.2 Process Homeostasis . 34 3.2.1 Requirements . 35 3.2.2 Abstractions . 36 3.2.3 Enclosed System . 38 3.2.4 System Property . 38 3.2.5 Detector . 39 3.2.6 Effector . 41 3.2.7 The User's View of pH . 42 4 Analyzing System Call Sequences 45 4.1 Requirements . 45 xiv Contents 4.2 Description . 47 4.3 Analysis . 51 4.3.1 Speed . 52 4.3.2 Profile Size . 53 4.3.3 Convergence . 54 4.3.4 Anomaly Sensitivity . 56 4.4 Summary . 57 5 Implementing pH 59 5.1 Why a kernel implementation? . 59 5.2 Implementation Overview . 61 5.3 Classifying Normal Profiles . 65 5.3.1 Requirements . 65 5.3.2 Profile Heuristics . 66 5.4 Delaying System Calls . 68 5.5 Tolerization and Sensitization . 71 5.6 Data Structures . 72 5.7 Kernel Integration . 76 5.8 Interacting with pH . 78 5.9 Parameters . 81 5.9.1 System Call Window Sizes . 82 xv Contents 5.9.2 Logging . 82 5.9.3 Classifying Normal Profiles . 83 5.9.4 Automated Response . 84 5.10 Performance . 86 6 Normal Program Behavior in Practice 91 6.1 What is Normal Behavior? . 92 6.2 A Day in Detail . 94 6.3 Choosing a Method & Window Size . 98 6.4 A Few Weeks on a Personal Workstation . 101 6.5 Normal Monitoring . 102 6.6 False Positives . 107 6.7 Normal Behavior on Other Hosts . 111 6.8 Profile Diversity and Complexity . 114 6.9 suspend execve Issues & Longer-Term Data . 119 6.10 Normal in Practice . 122 7 Anomalous Behavior 125 7.1 What Changes Are Detectable? . 126 7.2 Inetd Perturbations . 133 7.2.1 Daytime . 135 xvi Contents 7.2.2 Chargen . 136 7.2.3 Unknown External Program . 139 7.2.4 Unknown Service . 141 7.2.5 Summary . 144 7.3 Intrusions . 145 7.3.1 A Buffer Overflow . 147 7.3.2 Trojan Code . 149 7.3.3 A Kernel Vulnerability . 151 7.4 Other Attacks . 153 7.4.1 Earlier pH Experiments . 153 7.4.2 Linux capability exploit . 156 7.4.3 System-call Monitoring Experiments . 157 7.5 Intelligent Adversaries . 160 7.6 Summary . 162 8 Discussion 165 8.1 Contributions . 165 8.2 Limitations . 167 8.2.1 Capturing Normal Behavior . 168 8.2.2 Denial of Service . 169 8.2.3 Portability . 171 xvii Contents 8.3 Computer Homeostasis . 173 References 175 xviii List of Figures 1.1 A schematic diagram of classes of program behavior. 4 1.2 The process of making a system call. 7 3.1 An MHC-peptide complex . 33 5.1 Basic flow of control and data in a pH-modified Linux kernel. 63 5.2 Training and testing datasets . 64 5.3 pHmon screenshot . 64 5.4 pH's normal profile heuristics. 67 5.5 Schematic delay graph . ..
Load more

Recommended publications
  • Pipenightdreams Osgcal-Doc Mumudvb Mpg123-Alsa Tbb
    pipenightdreams osgcal-doc mumudvb mpg123-alsa tbb-examples libgammu4-dbg gcc-4.1-doc snort-rules-default davical cutmp3 libevolution5.0-cil aspell-am python-gobject-doc openoffice.org-l10n-mn libc6-xen xserver-xorg trophy-data t38modem pioneers-console libnb-platform10-java libgtkglext1-ruby libboost-wave1.39-dev drgenius bfbtester libchromexvmcpro1 isdnutils-xtools ubuntuone-client openoffice.org2-math openoffice.org-l10n-lt lsb-cxx-ia32 kdeartwork-emoticons-kde4 wmpuzzle trafshow python-plplot lx-gdb link-monitor-applet libscm-dev liblog-agent-logger-perl libccrtp-doc libclass-throwable-perl kde-i18n-csb jack-jconv hamradio-menus coinor-libvol-doc msx-emulator bitbake nabi language-pack-gnome-zh libpaperg popularity-contest xracer-tools xfont-nexus opendrim-lmp-baseserver libvorbisfile-ruby liblinebreak-doc libgfcui-2.0-0c2a-dbg libblacs-mpi-dev dict-freedict-spa-eng blender-ogrexml aspell-da x11-apps openoffice.org-l10n-lv openoffice.org-l10n-nl pnmtopng libodbcinstq1 libhsqldb-java-doc libmono-addins-gui0.2-cil sg3-utils linux-backports-modules-alsa-2.6.31-19-generic yorick-yeti-gsl python-pymssql plasma-widget-cpuload mcpp gpsim-lcd cl-csv libhtml-clean-perl asterisk-dbg apt-dater-dbg libgnome-mag1-dev language-pack-gnome-yo python-crypto svn-autoreleasedeb sugar-terminal-activity mii-diag maria-doc libplexus-component-api-java-doc libhugs-hgl-bundled libchipcard-libgwenhywfar47-plugins libghc6-random-dev freefem3d ezmlm cakephp-scripts aspell-ar ara-byte not+sparc openoffice.org-l10n-nn linux-backports-modules-karmic-generic-pae
    [Show full text]
  • Iptables Tutorial 1.2.2
    Iptables Tutorial 1.2.2 Oskar Andreasson oan@frozentux.net Marc Blanc arsace@wanadoo.fr Publié par : Philippe Latu philippe.latu(at)inetdoc.net http://www.inetdoc.net Dédicaces Je voudrais dédier ce document à ma merveilleuse soeur pour m'avoir inspiré et donné ses conseils en retour. Elle est une source de joie et un rayon de soleil quand j'ai besoin d'elle. Merci ! Un mot particulier pour Ninel pour m'avoir toujours encouragé dans mon travail et avoir pris soin de moi quand j'en avais le plus besoin. Merci ! Ensuite, j'aimerais dédicacer ce travail à tous les courageux développeurs et mainteneurs de Linux. Ce sont eux qui font exister ce fabuleux système d'exploitation. Iptables Tutorial 1.2.2 i Table des matières À propos de l'auteur .............................................................................................................................. vii Exploration de ce document .................................................................................................................. viii Préalables ............................................................................................................................................... ix Conventions utilisées dans ce document .................................................................................................. x 1. Introduction ......................................................................................................................................... 1 1.1. Motivations ..............................................................................................................................
    [Show full text]
  • Les Systèmes D'exploitation
    Cours IN201 Année 2010-2011 Les Systèmes d’Exploitation Responsable : Bertrand Collin. Auteurs : Bertrand Collin, Marc Baudoin, Manuel Bouyer, Jérôme Gueydan, Thomas Degris, Fré- déric Loyer, Damien Mercier. École nationale supérieure de techniques avancées Copyright c Bertrand Collin 2009–2011 Ce document est mis à disposition selon les termes du contrat Creative Com- mons « Paternité - Pas d’utilisation commerciale - Partage des conditions initiales à l’identique » 2.0 France : http://creativecommons.org/licenses/by-nc-sa/2.0/fr/ Vous êtes libre : – de reproduire, distribuer et communiquer cette création au public ; – de modifier cette création. Selon les conditions suivantes : Paternité. Vous devez citer le nom de l’auteur original de la manière indiquée par l’auteur de l’œuvre ou le titulaire des droits qui vous confère cette autorisation (mais pas d’une manière qui suggérerait qu’ils vous soutiennent ou approuvent votre utilisation de l’œuvre). Pas d’utilisation commerciale. Vous n’avez pas le droit d’utiliser cette création à des fins commerciales. Partage des conditions initiales à l’identique. Si vous modifiez, transformez ou adaptez cette création, vous n’avez le droit de distribuer la création qui en résulte que sous un contrat identique à celui-ci. – À chaque réutilisation ou distribution de cette création, vous devez faire appa- raître clairement au public les conditions contractuelles de sa mise à disposition. La meilleure manière de les indiquer est un lien vers cette page Web. – Chacune de ces conditions peut être levée si vous obtenez l’autorisation du titulaire des droits sur cette œuvre. – Rien dans ce contrat ne diminue ou ne restreint le droit moral de l’auteur ou des auteurs.
    [Show full text]
  • Operating System Stability and Security Through Process Homeostasis
    Operating System Stability and Security through Process Homeostasis by Anil Buntwal Somayaji B.S., Massachusetts Institute of Technology, 1994 DISSERTATION Submitted in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy Computer Science The University of New Mexico Albuquerque, New Mexico May 2002 c 2002, Anil Buntwal Somayaji ! iii Dedication To all those system administrators who spend their days nursemaiding our computers. iv Acknowledgments Graduate school has turned out to be a long, difficult, but rewarding journey for me, and I would not have made it this far without the help of many, many people. I cannot hope to completely document how these influences have helped me grow; nevertheless, I must try and acknowledge those who have accompanied me. First, I would like to thank my committee: David Ackley, Rodney Brooks, Barney Maccabe, Margo Seltzer, and especially my advisor, Stephanie Forrest. They all had to read through a rougher manuscript than I would have liked, and had to do so under significant time pressures. They provided invaluable feedback on my ideas and experiments. Most importantly, they have been my teachers. I’m also grateful to have been part of the Adaptive Computation Group at the University of New Mexico and to have been a member of the complex adaptive systems community here in New Mexico. Fellow graduate students at UNM and colleagues at the Santa Fe Institute have shaped my thoughts and have inspired me to do my best work. I will miss all of you. The Computer Science Department at UNM has been my home for the past several years.
    [Show full text]
  • CERIAS Tech Report 2002-41 a RECURSIVE SESSION TOKEN PROTOCOL for USE in COMPTUER FORENSICS and TCP TRACEBACK by Brian Carrier
    CERIAS Tech Report 2002-41 A RECURSIVE SESSION TOKEN PROTOCOL FOR USE IN COMPTUER FORENSICS AND TCP TRACEBACK by Brian Carrier & Clay Shields Center for Education and Research in Information Assurance and Security, Purdue University, West Lafayette, IN 47907 A Recursive Session Token Protocol For Use in Computer Forensics and TCP Traceback Brian Carrier Clay Shields Center for Education and Research in Department of Computer Science Information Assurance and Security (CERIAS) Georgetown University Purdue University Washington, D.C., 20007 West Lafayette, IN 47907 clay@cs.georgetown.edu carrier@cerias.purdue.edu C C 0 1 C n−1 We present the Session TOken Protocol (STOP) [5], which H H H H H 0 1 2 n−1 n is based on the ident protocol, and helps forensic investiga- tion of stepping-stone chains while protecting the privacy of H H Fig. 1. Connection chain example between 0 and n users. STOP saves application-level data about the process and user that opened the socket, and can also send requests to pre- vious hosts to identify other hosts in the chain. At each stage, Abstract— We introduce a new protocol designed to assist in the forensic a hashed token is returned; at no point in the protocol does the investigation of malicious network-based activity, specifically ad- requester ever directly learn user or process data. Instead, they dressing the stepping-stone scenario in which an attacker uses a must redeem the token to the system administrator who can de- chain of connections through many hosts to hide his or her iden- termine the merit of releasing user information.
    [Show full text]
  • Kevells Documentation Release 0.1
    kevells Documentation Release 0.1 kevell April 27, 2015 Contents 1 About pharaohtools 1 1.1 Commands................................................1 2 Indices and tables 497 i ii CHAPTER 1 About pharaohtools Welcome to the pharaohtools documentation! The Pharaohs has its own benefit while comparing to other tools as it is user friendly. In this tool the coding and the entire process depends and based php. As the pharaoh tool is framed as per php, it is easier to re-write the codes if required. Its modules functionality provides support to Mac, Linux or Unix, and also for the windows. It is a known as a shorter route which is less time-consuming, limits the use of manpower, reduces the necessity of input from users while installation. No need to download separately the templates and plug-ins that are used to support the software’s as everything gets covers under a single root. It is extensible, as if any extra module is required the user can frame and design the module as per their requirements and they can include. It is also simpler to rewrite the coding as required. By installing a single application ptconfigure entire modules under the pharaoh tool get enveloped. 1.1 Commands 1.1.1 Jrush Cache Synopsis Jrush auxiliary to clear cache in temporary memory. It has two types of cache. But both are having different functions as specified in their name. They are site clear and admin clear. It is gratified with Ubuntu and cent OS. Deleting files, folders and applications – and clearing the data from the temporary memory – won’t do the trick if you’re going to recycle the content wont be available in your computer.
    [Show full text]
  • Step by Step Linux Guide By
    Step by Step Linux Guide by M. B. G. Suranga De Silva Step by Step Linux Guide, describes the system administration aspects of using Linux. It is intended for people who know nothing about system administration. This book TM Step by Step Linux Guide. Page 1 doesn’t tell you how to install Linux since it is very straight forward but it gives you real world mail, DNS, proxy, web, messaging etc… server installations and configurations. System administration is all the things that one has to do to keep a computer system in a useable shape. It Includes things like backing up files and restoring , installing new programs, creating accounts for users, making certain that the filesystem is not corrupted, and so on. There is no one official Linux distribution, so different people have different setups, and many people have a setup they have built up themselves. This book is not targeted at any one distribution, even though I use Red Hat Linux 8 and 9 the contents can be applied to any distribution. Many people have helped me with this book, directly or indirectly. I would like to especially thank my own brother Dilan Kalpa De Silva, Luckshika Jayadeva for her excellent type-setting, my ever loving mother, two sisters and my aunt Mallika Vitharana. TM Step by Step Linux Guide. Page 2 Quick Configs Jabberd Sendmail Qpopper Qmail CourrierIMAP Server Squirrelmail DHCP Server PHP and Mysql PostGRE File Server Squid Squidguard Iptables Freeradius Apache Apache Monitoring Tool (AWTStats) Samba DNS Bind OpenLDAP NoCatAuth Load Balancers Load Sharing Network Monitoring Tool (nagios) Kernal Recompilation Java in Linux Linux commands in brief TM Step by Step Linux Guide.
    [Show full text]
  • Iptables Tutorial 1.2.2
    Iptables Tutorial 1.2.2 Oskar Andreasson oan@frozentux.net Iptables Tutorial 1.2.2 by Oskar Andreasson Copyright © 2001-2006 Oskar Andreasson Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with the Invariant Sections being "Introduction" and all sub-sections, with the Front-Cover Texts being "Original Author: Oskar Andreasson", and with no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". All scripts in this tutorial are covered by the GNU General Public License. The scripts are free source; you can redistribute them and/or modify them under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 of the License. These scripts are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License within this tutorial, under the section entitled "GNU General Public License"; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Dedications I would like to dedicate this document to my wonderful sister, niece and brother-in-law for giving me inspiration and feedback. They are a source of joy and a ray of light when I have need of it. Thank you! A special word should also be extended to Ninel for always encouraging my writing and for taking care of me when I needed it the most.
    [Show full text]
  • Linux IP Masquerade HOWTO
    Linux IP Masquerade HOWTO David A. Ranch <dranch@trinnet.net> May 22, 2005 May 22, 2005 This document describes how to enable the Linux IP Masquerade feature on a given Linux host. IP Masquerade is a form of Network Address Translation or NAT which NAT allows internally connected computers that do not have one or more registered Internet IP addresses to communicate to the Internet via the Linux server's Internet IP address. Linux IP Masquerade HOWTO Table of Contents Chapter 1. Introduction......................................................................................................................................1 1.1. Introduction to IP Masquerading or IP MASQ.................................................................................1 1.2. Foreword, Feedback & Credits.........................................................................................................1 1.3. Copyright & Disclaimer....................................................................................................................2 Chapter 2. Background Knowledge..................................................................................................................3 2.1. What is IP Masquerade?...................................................................................................................3 2.2. Current Status...................................................................................................................................3 2.3. Who Can Benefit From IP Masquerade?..........................................................................................4
    [Show full text]
  • Iptables Tutorial 1.2.2
    Iptables Tutorial 1.2.2 Oskar Andreasson oan@frozentux.net Iptables Tutorial 1.2.2 by Oskar Andreasson Copyright © 2001-2006 Oskar Andreasson Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with the Invariant Sections being "Introduction" and all sub-sections, with the Front-Cover Texts being "Original Author: Oskar Andreasson", and with no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". All scripts in this tutorial are covered by the GNU General Public License. The scripts are free source; you can redistribute them and/or modify them under the terms of the GNU General Public License as published by the Free Software Foundation, version 2 of the License. These scripts are distributed in the hope that they will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License within this tutorial, under the section entitled "GNU General Public License"; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Dedications I would like to dedicate this document to my wonderful sister, niece and brother-in-law for giving me inspiration and feedback. They are a source of joy and a ray of light when I have need of it. Thank you! A special word should also be extended to Ninel for always encouraging my writing and for taking care of me when I needed it the most.
    [Show full text]
  • A Recursive Session Token Protocol for Use in Computer Forensics and TCP Traceback
    A Recursive Session Token Protocol For Use in Computer Forensics and TCP Traceback Brian Carrier Clay Shields Center for Education and Research in Department of Computer Science Information Assurance and Security (CERIAS) Georgetown University Purdue University Washington, D.C., 20007 West Lafayette, IN 47907 clay@cs.georgetown.edu carrier@cerias.purdue.edu C C 0 1 C n−1 We present the Session TOken Protocol (STOP) [5], which H H H H H 0 1 2 n−1 n is based on the ident protocol, and helps forensic investiga- tion of stepping-stone chains while protecting the privacy of H H Fig. 1. Connection chain example between 0 and n users. STOP saves application-level data about the process and user that opened the socket, and can also send requests to pre- vious hosts to identify other hosts in the chain. At each stage, Abstract— We introduce a new protocol designed to assist in the forensic a hashed token is returned; at no point in the protocol does the investigation of malicious network-based activity, specifically ad- requester ever directly learn user or process data. Instead, they dressing the stepping-stone scenario in which an attacker uses a must redeem the token to the system administrator who can de- chain of connections through many hosts to hide his or her iden- termine the merit of releasing user information. Random ses- tity. Our protocol, the Session TOken Protocol (STOP), enhances sion IDs in the requests allow cycle detection. Additionally, the Identification Protocol (ident) infrastructure by sending re- cursive requests to previous hosts on the connection chain.
    [Show full text]
  • Lista.Txt Thu Jan 01 10:19:02 2015 1 0Ad-Data 2Ping 2Vcard 389
    lista.txt Thu Jan 01 10:19:02 2015 1 0ad-data 2ping 2vcard 389-console 3dchess 3depict 4digits 4g8 4store 6tunnel 7kaa-data 8086tiny 8086tiny-dev 9base 9menu 9wm a2jmidid a2ps a56 a7xpg a7xpg-data aa3d aajm aaphoto abacas abby abcde abcm2ps abcmidi abcmidi-yaps abe abe-data abgate abi-compliance-checker abicheck abinit abinit-doc abiword abiword-common abiword-dbg abiword-plugin-grammar abiword-plugin-mathview abntex abook abootimg abr2gbr abraca abs-guide abtransfers abuse abuse-lib abuse-sfx accerciser accessodf accountsservice acct ace-gperf ace-netsvcs ace-of-penguins acedb-other acedb-other-belvu acedb-other-dotter aces3 acetoneiso acfax lista.txt Thu Jan 01 10:19:02 2015 2 acgvision-agent acheck acheck-rules acheck-rules-fr achilles ack ack-grep acl acl2 acl2-books acl2-books-certs acl2-books-source acl2-doc acl2-emacs acl2-infix acl2-infix-source acl2-source aclock.app acm aconnectgui acorn-fdisk acoustid-fingerprinter acpi-support acpi-support-base acpid acpitool acpitool-dbg actionaz activemq activity-log-manager activiz.net-doc activiz.net-examples ada-reference-manual-2005 ada-reference-manual-2012 adabrowse adacgi1 adacontrol adanaxisgpl adanaxisgpl-data addresses-goodies-for-gnustep addresses.framework addressmanager.app addressview.framework adduser adept adjtimex adlint admesh adminer adns-tools adonthell-data adplay adplug-utils adun.app advancecomp advene advi advi-examples adzapper aegis aegis-doc aegis-tk aegis-web aegisub aegisub-l10n lista.txt Thu Jan 01 10:19:02 2015 3 aeolus aephea aes2501-wy aesfix aeskeyfind aeskulap
    [Show full text]