A protocol to set up shared secret schemes without the assistance of a mutually trusted par
l2tp mac key
English answer: L2TP (Layer 2 Tunneling Protocol) is a widely used VPN (Virtual Private Network) protocol that allows users to establish secure connections over the internet. To ensure the security of the L2TP connection, a pre-shared key (PSK) is required. The PSK is a secret key shared between the client and the server, used to authenticate and encrypt the data transmitted over the connection.
To set up L2TP on a Mac and configure the PSK, follow these steps:
1. Open "System Preferences" on your Mac.
2. Click "Network" to open the network settings.
3. Click the "+" button at the bottom left to add a new network connection.
4. Select "VPN" as the interface and choose "L2TP over IPSec" as the VPN Type.
5. Enter a name for the connection in the "Service Name" field.
6. In the "Server Address" field, enter the IP address or domain name of the VPN server you want to connect to.
7. Click the "Authentication Settings" button to configure the PSK.
8. In the "Shared Secret" field, enter the PSK provided by your VPN service provider.
9. Optionally, enter your username and password if the VPN server requires them.
10. Click "OK" to save the settings.
11. Click "Apply" to apply the changes.
Once the L2TP connection is set up with the correct PSK, you can connect to the VPN server by selecting the connection from the network menu in your Mac's menu bar.
Chinese answer: L2TP (Layer 2 Tunneling Protocol) is a widely used VPN (Virtual Private Network) protocol that allows users to establish secure connections over the internet.
Introduction to IPsec principles
IPsec VPN survey summary
I. IPsec principles
An IPsec VPN is a VPN technology that uses the IPsec protocol to implement remote access. IPsec (Internet Protocol Security) is a security standard framework defined by the Internet Engineering Task Force (IETF) to provide end-to-end encryption and authentication services for public and private networks.
IPsec is a protocol suite that includes the AH protocol, the ESP protocol, the key management protocol (IKE) and a number of algorithms used for network authentication and encryption.
1. The two encapsulation modes supported by IPsec
Transport mode: only the transport-layer data is used to compute the AH or ESP header; the AH or ESP header and the ESP-encrypted user data are placed after the original IP header.
Tunnel mode: the user's entire IP packet is used to compute the AH or ESP header; the AH or ESP header and the ESP-encrypted user data are encapsulated in a new IP packet.
2. Packet structure
◆ Transport mode: the original IP header is left unchanged; typically used between hosts.
◆ Tunnel mode: a new IP header is added; typically used for communication between private networks across a public network.
3. Application scenario diagram
4. Gateway-to-gateway interaction diagram
5. IPsec architecture
6. Security algorithms in IPsec
● Peer authentication confirms the identity of the peer. Methods include PSK (pre-shared key), PKI (public key infrastructure) digital certificates, and RSA; the latter two are asymmetric algorithms.
● Data encryption encrypts the transmitted data to ensure confidentiality. The symmetric algorithms include DES (Data Encryption Standard), which has two key lengths, 40 bits and 56 bits; 3DES, whose key length is three times 56 bits; and AES (Advanced Encryption Standard), which comes in three forms: AES-128 (128-bit key), AES-192 (192-bit key) and AES-256 (256-bit key).
● Integrity checking verifies the received data to ensure it has not been tampered with. It mainly uses hash algorithms (HMAC, hashed message authentication code), including MD5 (message digest, 128-bit output) and SHA-1 (Secure Hash Algorithm 1, 160-bit output).
navicat ssh tunnel principle
English answer: The principle behind the Navicat SSH tunnel is to establish a secure connection between the local machine and the remote server through an encrypted tunnel. This allows the user to access the remote database securely as if it were on the local machine.
When setting up an SSH tunnel in Navicat, the user needs to provide the SSH server information, including the host, port, username, and password. Navicat then establishes a secure SSH connection to the server.
Once the SSH connection is established, Navicat creates a tunnel between the local machine and the remote server. This tunnel acts as a secure channel through which data can be transmitted between the two machines. The data sent through the tunnel is encrypted, ensuring its confidentiality and integrity.
Navicat uses the SSH protocol to create the tunnel and encrypt the data. The SSH protocol provides a secure way to authenticate and encrypt communication between two machines. It uses public-key cryptography to authenticate the server and establish a shared secret key for encrypting the data.
By using an SSH tunnel, Navicat allows users to securely access and manage remote databases without exposing sensitive information, such as usernames and passwords, to potential attackers. It provides a convenient and secure solution for remote database management.
Chinese answer: The principle of the Navicat SSH tunnel is to establish a secure connection between the local machine and the remote server by building an encrypted tunnel.
shadowsock parameters
English answer: Shadowsocks is a popular proxy tool that allows users to bypass internet censorship and access blocked websites. It works by creating a secure connection between the user's device and a remote server, through which all internet traffic is routed. This helps to mask the user's IP address and encrypt their data, making it difficult for third parties to monitor or restrict their online activities.
To use Shadowsocks, you need a Shadowsocks client installed on your device and a Shadowsocks server set up. The client and server communicate using a specific protocol, which is why it is important to ensure that both the client and server are compatible and using the same protocol version.
The parameters you need to configure in the Shadowsocks client are the server address, server port, password, and encryption method. The server address is the IP address or domain name of the remote server you want to connect to. The server port is the port number on which the server listens for incoming connections. The password is a shared secret between the client and server, used to authenticate and encrypt the communication. The encryption method determines how the data is encrypted and decrypted during transmission.
For example, let's say I want to set up a Shadowsocks connection to access blocked websites in China. I would first need to find a Shadowsocks server located outside of China. I would then install a Shadowsocks client on my device and configure it with the server address, server port, password, and encryption method provided by the server administrator. Once everything is set up, I can connect to the Shadowsocks server and start browsing the internet without restrictions.
Chinese answer: Shadowsocks is a popular proxy tool that allows users to bypass internet censorship and access blocked websites.
IPSEC
2000, Cisco Systems, Inc.
IPsec Drivers
• Until 1998 there was no universal mechanism for authentication, integrity, and confidentiality of Internet traffic
• Scales to Service Provider levels
• IKE (Internet Key Exchange) for automated key management
• Interoperability with PKI (Public Key Infrastructure)
Data Protection Options
• Application Layers (5-7): Application-Layer
• Transport/Network Layers (3-4): Access VPNs, Classic Site-to-site managed VPNs, Trusted MPLS VPNs
(Slide figure labels: Service Provider, Main Office, POP, Business Partner, Remote Office)
What is IPsec?
• IPsec can be implemented anywhere: in end hosts, in intermediate systems (routers, firewalls)
• By anyone: Service Providers, Enterprises
• Should guarantee interoperability in multivendor environments
Security protocols (English terms)
• Eavesdropping: an eavesdropping attack only passively observes messages.
• Modification: a modification attack alters or replaces some messages.
• Replay / Preplay: the attacker sends a message that it has observed as part of the protocol run.
• Man-in-the-Middle: in a man-in-the-middle attack the attacker gets in the middle of a real run of a protocol.
• Reflection: reflection attacks are a kind of replay attack that use a protocol against itself.
• Denial of Service: a DoS attack tries to use up all of a server's CPU or memory by making millions of requests.
• Typing attack: in a typing attack the attacker passes off one type of message as being another.
• Cryptanalysis: cryptanalysis is the study of methods for obtaining the meaning of encrypted information without access to the secret information which is normally required to do so.
• Certificate manipulation: modification of the certificate.
• Protocol interaction: using a new protocol to interact with a known protocol.
• Zero-knowledge proof: a zero-knowledge proof is a way that a "prover" can prove possession of a certain piece of information to a "verifier" without revealing it.
• Selective disclosure.
• Key transport: a key transport protocol or mechanism is a key establishment technique where one party creates or obtains a secret key, and then securely transfers it to the other(s).
• Key agreement: a key agreement protocol or mechanism is a key establishment technique in which a shared secret key is derived by two (or more) parties as a function of information contributed by, or associated with, each of these, (ideally) such that no party can predetermine the resulting value.
Concept comparison: replay versus reflection; bit commitment versus coin flipping (similar to bit commitment, but the commitment is random).
SM2 key exchange protocol flow
English answer: SM2 Key Exchange Protocol.
The SM2 key exchange protocol is a cryptographic protocol that allows two parties to establish a shared secret key over an insecure channel. The protocol is based on the SM2 elliptic curve cryptosystem, which is a Chinese national standard.
The SM2 key exchange protocol consists of the following steps:
1. The initiator (Alice) generates a random number a and computes the point Q = aG, where G is the base point of the SM2 curve.
2. Alice sends the point Q to the responder (Bob).
3. Bob generates a random number b and computes the point P = bG.
4. Bob sends the point P to Alice.
5. Alice computes the shared secret key K = aP.
6. Bob computes the shared secret key K = bQ.
The SM2 key exchange protocol is secure against eavesdropping and man-in-the-middle attacks. This is because the shared secret key is only known to Alice and Bob, and it cannot be computed by an eavesdropper who does not know the random numbers a and b.
Chinese answer: SM2 key exchange protocol.
TLCP key negotiation flow
English answer: TLCP Key Negotiation Process.
The Telephony Link Control Protocol (TLCP) is a protocol used in Point-to-Point Protocol (PPP) to negotiate the encapsulation format for Layer 3 traffic and the encryption and authentication algorithms to be used. The TLCP key negotiation process is as follows:
1. The client sends a TLCP Configure-Request message to the server, specifying the desired encapsulation format and encryption algorithms.
2. The server sends a TLCP Configure-Ack message to the client, acknowledging receipt of the Configure-Request message and specifying the agreed-upon encapsulation format and encryption algorithms.
3. The client sends a TLCP Start-Up message to the server, indicating that it is ready to begin transmitting data.
4. The server sends a TLCP Start-Up-Ack message to the client, indicating that it is also ready to begin transmitting data.
The TLCP key negotiation process is secure because it uses a hash function to generate a shared secret key that is used to encrypt and authenticate the data traffic. The hash function is a one-way function, meaning that it is impossible to determine the input from the output. This makes it difficult for an attacker to intercept and decrypt the data traffic.
Chinese answer: TLCP key negotiation process.
snmpget aes decryption error - reply
Snmpget AES Decryption Error: Troubleshooting Guide
Introduction:
The Simple Network Management Protocol (SNMP) is a widely used protocol for managing and monitoring network devices. It provides a way to collect and organize information about these devices, such as their performance and availability. SNMP uses various security mechanisms to protect the integrity and confidentiality of the data exchanged between the management system and the network devices. One such mechanism is the Advanced Encryption Standard (AES). However, errors can sometimes occur during the AES decryption process, resulting in failed SNMP operations. In this article, we discuss the possible causes of SNMP AES decryption errors and provide step-by-step troubleshooting guidance.
I. Understanding SNMP AES Encryption:
AES is a symmetric encryption algorithm used by SNMP to secure communication between the manager and the managed devices. This encryption ensures the confidentiality of SNMP messages as they traverse the network. However, AES encryption requires both the manager and the devices to have a shared secret key for successful decryption. If the key used during encryption does not match the key used during decryption, an error occurs.
II. Causes of SNMP AES Decryption Error:
1. Incorrect Secret Key: The most common cause of SNMP AES decryption errors is an incorrect secret key. Both the SNMP manager and the devices must have the same key configured. If the key on the manager side does not match the key configured on the devices, decryption will fail, leading to an error. Ensure that the key is correctly configured on both ends.
2. Mismatched SNMP Versions: SNMP has multiple versions, such as SNMPv1, SNMPv2c, and SNMPv3. The use of different SNMP versions by the manager and the devices can also result in decryption errors. Ensure that both ends are using the same SNMP version for successful decryption.
3. Clock Sync Issues: SNMP relies on timestamps for generating encryption keys and verifying the freshness of SNMP messages. If the clocks on the manager and the devices are not synchronized or have a significant time difference, the decryption process may fail. It is essential to ensure that the clocks on all devices are accurately synchronized.
III. Troubleshooting SNMP AES Decryption Error:
1. Verify the Secret Key: Check the SNMP configuration on both the manager and the devices to ensure that the secret key is correctly configured. Make sure that the key matches on both ends. If necessary, regenerate and reconfigure the key.
2. Check SNMP Versions: Verify that both the manager and the devices are using the same SNMP version. If not, update the SNMP version on either the manager or the devices to match the other end.
3. Synchronize Clocks: Check the clock settings on all SNMP-enabled devices. Ensure that the clocks are synchronized, either manually or using a Network Time Protocol (NTP) server. Correct any time discrepancies observed.
4. Verify SNMP Configuration: Review the SNMP configuration settings on the manager and the devices. Pay special attention to the authentication and encryption settings. Ensure that AES encryption and the appropriate security protocols are enabled and configured correctly.
IV. Additional Considerations:
1. SNMP Agent Capacity: In some cases, SNMP AES decryption errors may occur due to the limited capacity of the SNMP agent on the managed devices. If the devices are overloaded or experiencing high network traffic, they may struggle to process and decrypt SNMP messages in a timely manner.
2. Firmware/Software Updates: Keeping the network devices up to date with the latest firmware or software updates can help resolve known issues and ensure compatibility with the SNMP management system. Check for any available updates and apply them if necessary.
Conclusion:
SNMP AES decryption errors can occur for various reasons, including incorrect secret keys, mismatched SNMP versions, and clock synchronization issues. Troubleshooting these errors involves verifying the secret key, checking SNMP versions, synchronizing clocks, and reviewing SNMP configuration settings. Additionally, SNMP agent capacity and keeping devices updated are important factors to consider. By following the steps in this guide, network administrators can diagnose and resolve SNMP AES decryption errors, ensuring smooth and secure communication between SNMP management systems and network devices.
SSH key exchange flow
English answer: SSH key exchange is a process used in the Secure Shell (SSH) protocol to establish a secure and encrypted connection between a client and a server. The key exchange process involves the generation, exchange, and verification of cryptographic keys to ensure the security of the communication.
The key exchange process typically involves the following steps:
1. Key Pair Generation: The client and server each generate a pair of cryptographic keys, a public key and a private key. The public key is shared with the other party, while the private key is kept secret.
2. Key Exchange: The client sends its public key to the server, and the server sends its public key to the client. This exchange is typically done using the Diffie-Hellman key exchange algorithm, which allows the two parties to agree on a shared secret without actually exchanging the secret over the network.
3. Key Verification: Once the public keys are exchanged, both parties use the received public key to encrypt a message and send it back to the other party. If the other party is able to decrypt the message using the corresponding private key, it proves that the public key is authentic.
4. Session Encryption: After the keys are exchanged and verified, the client and server can use the shared secret to establish an encrypted session for secure communication.
The key exchange process ensures that the communication between the client and server is secure and cannot be easily intercepted or tampered with by malicious entities.
Chinese answer: SSH key exchange is the process in the Secure Shell (SSH) protocol used to establish a secure, encrypted connection between a client and a server.
Typical LTE signaling procedures
(Signaling diagram labels recovered from the slides)
• NAS: PDN connectivity request
• Authentication and NAS security procedure
• S6a: Update Location request
• S11: Modify bearer response
• S1AP: Path Switch Response
• X2AP: UE Context Release
• Flush DL Buffer
• Data Forwarding End Marker
• Switch DL Path
S1 Handover
➢ This type of handover takes place when there is no X2 connectivity between the source eNB and the target eNB.
• S10: Forward SRNS Context Notification
• UE detaches from the old cell and synchronizes to the new cell
• S10: Forward SRNS Context Ack
• S1AP: MME Status Transfer
• RRC: Connection Reconfiguration Complete
➢ The release of resources at the source side is directly triggered from the target eNB.
• Diagram entities: UE, S-eNB
• RRC: Measurement Control
fakeroot
Fakeroot in Scratchbox
Timo Savola <tsavola@movial.fi>
Copyright © 2004, 2005 Nokia
Revision history: 2005-02-06, Savola, based on Device tools

Table of Contents
1. Introduction to fakeroot
2. Fakeroot in Scratchbox
2.1. Known issues
3. Debugging
4. Building fakeroot
5. Implementation of network fakeroot
References
A. fakeroot 1.2.3 manual page

Chapter 1. Introduction to fakeroot
Fakeroot [1] is a utility that runs programs in an environment that looks as if they were run with super-user privileges. It is used primarily for setting file ownerships and modes before packaging them. You can for example create device nodes and store them in a tarball while logged in as a normal user. Of course, the programs run from a fakeroot session cannot really do privileged system calls; fakeroot keeps an in-memory database of file ownerships and such things.
Fakeroot was developed by the Debian Project [2] to help in building Debian packages. The Debian packaging system needs a root environment so that it would be as easy as possible to set up ownerships and permissions. Fakeroot is released under the GNU General Public License version 2 [3].

Chapter 2. Fakeroot in Scratchbox
Scratchbox [4] introduces new requirements for fakeroot. During the development of Scratchbox an enhanced version of fakeroot was developed with the name fakeroot-net. It was later merged with the upstream project and nowadays Scratchbox uses the upstream codebase. Differences between the default and the Scratchbox version are:
• When using sbrsh [5] to implement CPU-transparency in Scratchbox, the command execution can jump from host to target within a fakeroot session. Since both ends use the same filesystems (via NFS), they must also use the same fakeroot session. This is not possible with the original design that uses SYSV IPC. The Scratchbox version uses TCP/IP sockets for its internal communication. (The TCP version of the fakeroot command is also available in the Debian package with the name fakeroot-tcp.) Using TCP sockets in fakeroot is not enough to implement network-transparent fakeroot sessions. The sbrsh server (sbrshd) is used to filter the information passed between the remote fakeroot environment and the fakeroot daemon (faked) that keeps the database. The reason for this is explained in Chapter 5.
• Fakeroot supports saving and loading its internal database in a file. The default file format uses inode numbers to identify files. Scratchbox uses full path names instead of inodes so that it can reliably check the existence of the files when loading a database. (The Debian binary package does not ship this version but the functionality is included in the source package.)
Scratchbox provides the fakeroot command, the fakeroot daemon (faked) and a host version of the fakeroot library (libfakeroot). They are sufficient for running host tools in fakeroot, but a target version of libfakeroot needs to be installed for each Scratchbox target in order to run target binaries in fakeroot. Installing Scratchbox [6] describes how to do that. Scratchbox's fakeroot is compatible with the libfakeroot provided by the Debian package, so you can use that as well.
Note: As described above, the fakeroot daemon provided by the Debian package does not use the same database format as Scratchbox's version. This should not be a problem though, since thanks to Scratchbox's binary redirection feature the host version of the fakeroot command is normally used even when the target version is installed.
Refer to fakeroot's manual page (Appendix A) for usage instructions.

2.1. Known issues
The fakeroot environment is imposed upon a process by using the C library's LD_PRELOAD environment variable. libfakeroot is preloaded by the dynamic linker whenever it loads a binary. This means that fakeroot does not work with statically linked binaries.
There is also another side-effect. Since libfakeroot is loaded into the same process image with the "victim" program, they share the same file descriptor table. Some programs (such as the configure scripts) use hard-coded descriptor numbers. libfakeroot needs one file descriptor for its communication socket, and if the program starts to use the same file descriptor, there will be trouble. fakeroot tries to monitor the status of its descriptor so that it can open a new socket if the descriptor has been changed. If you start seeing messages about hijacked file descriptors, you can try to make fakeroot use some other file descriptor with the --fd-base option. Its default value is (descriptor_table_size - 100).

Chapter 3. Debugging
The fakeroot daemon can be launched with debug enabled and left running in the foreground:
$ faked --debug --foreground
33366:5027
The first number is the TCP/IP port it listens to, and the second number is its process ID. Now, in another terminal, set up a fakeroot session manually that uses the daemon we started:
$ export FAKEROOTKEY=33366
$ export LD_PRELOAD=/scratchbox/tools/lib/libfakeroot-tcp.so.0
Now you can run programs in the hand-made fakeroot session and see the daemon's cryptic debug output in the other terminal. This way you can also use a debugger to debug a program within a fakeroot environment.
Note: /scratchbox/tools/lib/libfakeroot-tcp.so.0 is the host version. If you are running target binaries, you should set LD_PRELOAD to /usr/lib/libfakeroot/libfakeroot-tcp.so.0.
When using a remote fakeroot session, the communication can be traced using the sbrsh daemon's debug log. See Scratchbox Remote Shell [5] for instructions.

Chapter 4. Building fakeroot
This chapter contains instructions for building fakeroot from source code using Scratchbox's configuration options. You shouldn't normally need to do that, since fakeroot is included in Scratchbox and all toolchains ship libfakeroot binaries for their target architectures. See Installing Scratchbox [6] and Scratchbox toolchains [7] for more information.
Fakeroot should be cross-compiled inside Scratchbox. The fakeroot source package is available in the /scratchbox/packages directory in the Scratchbox installation, but you can also download it from Debian [7]. Here fakeroot is compiled for a preconfigured Scratchbox target:
1. Extract the fakeroot source package:
[sbox-HOST: ~] > tar xfz /scratchbox/packages/fakeroot_1.2.3.tar.gz
2. Select the target you wish to compile for:
[sbox-HOST: ~] > sb-conf select ARM
3. Go to the source directory:
[sbox-ARM: ~] > cd fakeroot-1.2.3
4. Configure fakeroot using the options used by Scratchbox:
[sbox-ARM: ~/fakeroot-1.2.3] > ./configure \
    --prefix=/usr --mandir=/usr/share/man --libdir=/usr/lib/libfakeroot \
    --program-suffix=-tcp --with-ipc=tcp --with-dbformat=path
Note: Fakeroot uses the /usr/lib/libfakeroot directory for its real libraries. A fake library is installed to /usr/lib to work around a bug in an old version of the dynamic linker.
5. Build the real libfakeroot-tcp and install it along with the fakeroot-tcp command on the target:
[sbox-ARM: ~/fakeroot-1.2.3] > make
[sbox-ARM: ~/fakeroot-1.2.3] > make install
6. Clean the configuration and go to the fake directory:
[sbox-ARM: ~/fakeroot-1.2.3] > make distclean
[sbox-ARM: ~/fakeroot-1.2.3] > cd fake
7. Configure the fake fakeroot:
[sbox-ARM: ~/fakeroot-1.2.3/fake] > ../configure \
    --prefix=/usr --mandir=/usr/share/man \
    --program-suffix=-tcp
8. Build and install the fake libfakeroot-tcp:
[sbox-ARM: ~/fakeroot-1.2.3/fake] > make
[sbox-ARM: ~/fakeroot-1.2.3/fake] > make install
9. We won't be building the non-TCP version so let's link it to the TCP version:
[sbox-ARM: ~/fakeroot-1.2.3/fake] > ln -sf fakeroot-tcp /usr/bin/fakeroot
10. If you are using the Debian devkit, you can also build a binary package for Debian:
[sbox-ARM: ~/fakeroot-1.2.3/fake] > make distclean
[sbox-ARM: ~/fakeroot-1.2.3/fake] > cd ..
[sbox-ARM: ~/fakeroot-1.2.3] > dpkg-buildpackage -rfakeroot -b
Note: It is important to note that the Debian package uses the non-TCP version as the default fakeroot command. Also, neither version is configured with the --with-dbformat=path option. You can change the configure options by editing the debian/rules file. If you do that, you should also change the package name and/or the package version to reflect the incompatibility with the standard Debian package.
Note: The Debian package needs the "sharutils" package for running its tests. Scratchbox does not provide this package, so you might first need to install it on the target:
[sbox-ARM: ~/fakeroot-1.2.3] > apt-get update
[sbox-ARM: ~/fakeroot-1.2.3] > apt-get install sharutils

Chapter 5. Implementation of network fakeroot
faked maintains a list of entries, keyed by device and inode number, for the files that have been modified during a fakeroot session. The entries contain a data structure that is essentially the same as the one used by the stat system call. The TCP version introduces an additional remote field in the entry, which works like a "namespace" for the devices and inodes. All files on the local filesystems belong to the default namespace (remote is not set).
When a remote command is run within a fakeroot session, sbrsh resolves the device numbers of the NFS filesystems that are listed in its config file for the used target. If they are not exported by the local host but some third host, it tries to find out if the NFS filesystems are mounted on the local host and use the device numbers of the mount points.
sbrshd receives the list of mount entries and finds out what their device numbers are on the target device. Then it creates a relay process that listens for connections from local fakeroot sessions. When it receives one, it makes a corresponding connection to the faked running on the Scratchbox host. It maintains as many connection pairs as there are processes running within the local fakeroot session. The relay copies messages from the local session to the remote daemon and responses from the daemon to the session, and translates the device numbers in the messages between the local and remote device number "spaces". If the relay finds an unlisted device number in one of the incoming messages, it does not translate it but sets the value of the remote field to the IP address of the host it is running at. This way faked can serve unknown filesystems without the danger of device number/inode collisions.

References
[1] fakeroot (/).
[2] The Debian Project (/).
[3] GNU General Public License (/copyleft/gpl.html).
[4] Scratchbox website (/).
[5] Scratchbox Remote Shell (/documentation/docbook/sbrsh.html), Timo Savola.
[6] Installing Scratchbox (/documentation/docbook/installdoc.html), Valtteri Rahkonen.
[7] Scratchbox toolchains (/documentation/docbook/toolchain.html), Ricardo Kekki.
[7] Debian - fakeroot (/fakeroot).

Appendix A. fakeroot 1.2.3 manual page
fakeroot(1) Debian manual fakeroot(1)

NAME
fakeroot - run a command in an environment faking root privileges for file manipulation

SYNOPSIS
fakeroot [-l|--lib library] [--faked faked-binary] [-i load-file] [-s save-file] [-u|--unknown-is-real] [-b|--fd-base] [-h|--help] [-v|--version] [--] [command]

DESCRIPTION
fakeroot runs a command in an environment wherein it appears to have root privileges for file manipulation. This is useful for allowing users to create archives (tar, ar, .deb etc.) with files in them with root permissions/ownership. Without fakeroot one would need to have root privileges to create the constituent files of the archives with the correct permissions and ownership, and then pack them up, or one would have to construct the archives directly, without using the archiver.
fakeroot works by replacing the file manipulation library functions (chmod(2), stat(2) etc.) by ones that simulate the effect the real library functions would have had, had the user really been root. These wrapper functions are in a shared library /usr/lib/libfakeroot.so* which is loaded through the LD_PRELOAD mechanism of the dynamic loader. (See ld.so(8))
If you intend to build packages with fakeroot, please try building the fakeroot package first: the "debian/rules build" stage has a few tests (testing mostly for bugs in old fakeroot versions). If those tests fail (for example because you have certain libc5 programs on your system), other packages you build with fakeroot will quite likely fail too, but possibly in much more subtle ways.
Also, note that it's best not to do the building of the binaries themselves under fakeroot. Especially configure and friends don't like it when the system suddenly behaves differently from what they expect. (or, they randomly unset some environment variables, some of which fakeroot needs).

OPTIONS
-l library, --lib library
    Specify an alternative wrapper library.
--faked binary
    Specify an alternative binary to use as faked.
[--] command
    Any command you want to be ran as root. Use '--' if in the command you have other options that may confuse fakeroot's option parsing.
-s save-file
    Save the fakeroot environment to save-file on exit. This file can be used to restore the environment later using -i. However, this file will leak and fakeroot will behave in odd ways unless you leave the files touched inside the fakeroot alone when outside the environment. Still, this can be useful. For example, it can be used with rsync(1) to back up and restore whole directory trees complete with user, group and device information without needing to be root. See /usr/share/doc/fakeroot/README.saving for more details.
-i load-file
    Load a fakeroot environment previously saved using -s from load-file. Note that this does not implicitly save the file, use -s as well for that. Using the same file for both -i and -s in a single fakeroot invocation is safe.
-u, --unknown-is-real
    Use the real ownership of files previously unknown to fakeroot instead of pretending they are owned by root:root.
-b fd
    Specify fd base (TCP mode only). fd is the minimum file descriptor number to use for TCP connections; this may be important to avoid conflicts with the file descriptors used by the programs being run under fakeroot.
-h  Display help.
-v  Display version.

EXAMPLES
Here is an example session with fakeroot. Notice that inside the fake root environment file manipulation that requires root privileges succeeds, but is not really happening.
$ whoami
joost
$ fakeroot /bin/bash
# whoami
root
# mknod hda3 b 3 1
# ls -ld hda3
brw-r--r--   1 root     root       3,   1 Jul  2 22:58 hda3
# chown joost:root hda3
# ls -ld hda3
brw-r--r--   1 joost    root       3,   1 Jul  2 22:58 hda3
# ls -ld /
drwxr-xr-x  20 root     root        1024 Jun 17 21:50 /
# chown joost:users /
# chmod a+w /
# ls -ld /
drwxrwxrwx  20 joost    users       1024 Jun 17 21:50 /
# exit
$ ls -ld /
drwxr-xr-x  20 root     root        1024 Jun 17 21:50 //
$ ls -ld hda3
-rw-r--r--   1 joost    users          0 Jul  2 22:58 hda3
Only the effects that user joost could do anyway happen for real.
fakeroot was specifically written to enable users to create Debian GNU/Linux packages (in the deb(5) format) without giving them root privileges. This can be done by commands like dpkg-buildpackage -rfakeroot or debuild -rfakeroot (actually, -rfakeroot is default in debuild nowadays, so you don't need that argument).

SECURITY ASPECTS
fakeroot is a regular, non-setuid program. It does not enhance a user's privileges, or decrease the system's security.

FILES
/usr/lib/libfakeroot/libfakeroot.so*
    The shared library containing the wrapper functions.

ENVIRONMENT
FAKEROOTKEY
    The key used to communicate with the fakeroot daemon. Any program started with the right LD_PRELOAD and a FAKEROOTKEY of a running daemon will automatically connect to that daemon, and have the same "fake" view of the file system's permissions/ownerships. (assuming the daemon and connecting program were started by the same user).

LIMITATIONS
Library versions
    Every command executed within fakeroot needs to be linked to the same version of the C library as fakeroot itself.
open()/create()
    fakeroot doesn't wrap open(), create(), etc. So, if user joost does either
        touch foo
        fakeroot
        ls -al foo
    or the other way around,
        fakeroot
        touch foo
        ls -al foo
    fakeroot has no way of knowing that in the first case, the owner of foo really should be joost while the second case it should have been root. For the Debian packaging, defaulting to giving all "unknown" files uid=gid=0, is always OK. The real way around this is to wrap open() and create(), but that creates other problems, as demonstrated by the libtricks package. This package wrapped many more functions, and tried to do a lot more than fakeroot. It turned out that a minor upgrade of libc (from one where the stat() function didn't use open() to one with a stat() function that did (in some cases) use open()), would cause unexplainable segfaults (that is, the libc6 stat() called the wrapped open(), which would then call the libc6 stat(), etc). Fixing them wasn't all that easy, but once fixed, it was just a matter of time before another function started to use open(), never mind trying to port it to a different operating system. Thus I decided to keep the number of functions wrapped by fakeroot as small as possible, to limit the likelihood of 'collisions'.
GNU configure (and other such programs)
    fakeroot, in effect, is changing the way the system behaves. Programs that probe the system like GNU configure may get confused by this (or if they don't, they may stress fakeroot so much that fakeroot itself becomes confused). So, it's advisable not to run "configure" from within fakeroot. As configure should be called in the "debian/rules build" target, running "dpkg-buildpackage -rfakeroot" correctly takes care of this.

BUGS
It doesn't wrap open(). This isn't bad by itself, but if a program does open("file", O_WRONLY, 000), writes to file "file", closes it, and then again tries to open to read the file, then that open fails, as the mode of the file will be 000. The bug is that if root does the same, open() will succeed, as the file permissions aren't checked at all for root. I choose not to wrap open(), as open() is used by many other functions in libc (also those that are already wrapped), thus creating loops (or possible future loops, when the implementation of various libc functions slightly change).

COPYING
fakeroot is distributed under the GNU General Public License. (GPL 2.0 or greater).

AUTHORS
joost witteveen <joostje@>
Clint Adams <schizo@>
Timo Savola

MANUAL PAGE
mostly by J.H.M. Dassen <jdassen@>. Rather a lot of mods/additions by joost and Clint.

SEE ALSO
faked(1) dpkg-buildpackage(1), debuild(1) /usr/share/doc/fakeroot/DEBUG

Debian Project 6 August 2004 fakeroot(1)
English abbreviations in wireless communication

A reference list of English abbreviations for mobile communication terms

3G-MSC: 3rd Generation Mobile Switching Centre
3G-SGSN: 3rd Generation Serving GPRS Support Node
3GPP: 3rd Generation Partnership Project
AAL2: ATM Adaptation Layer type 2
AAL5: ATM Adaptation Layer type 5
ACIR: Adjacent Channel Interference Ratio
ACLR: Adjacent Channel Leakage power Ratio
ACS: Adjacent Channel Selectivity
ALCAP: Access Link Control Application Part
AMC: Adapt Modulation Coding
ARQ: Automatic Repeat Request
ASN.1: Abstract Syntax Notation One
ATM: Asynchronous Transfer Mode
AuC: Authentication Centre
BCH: Broadcast Channel
BCCH: Broadcast Control Channel
BER: Bit Error Rate
BGCF: Breakout Gateway Control Function
BSC: Base Station Controller
BSS: Base Station Subsystem
BTS: Base Transceiver Station
CC: Call Control
CCCH: Common Control Channel
CCH: Control Channel
CCPCH: Common Control Physical Channel
CDMA: Code Division Multiple Access
CDMA TDD: CDMA Time Division Duplex
CFN: Connection Frame Number
CM: Connection Management
CN: Core Network
CQI: Channel Quality Indicator
CRC: Cyclic Redundancy Check
CRNC: Controlling Radio Network Controller
CS: Circuit Switched
CSCF: Call Server Control Function
DCA: Dynamic Channel Allocation
DCCH: Dedicated Control Channel
DCH: Dedicated Transport Channel
DL: Downlink
DOA: Direction Of Arrival
DPCH: Dedicated Physical Channel
DRNC: Drift Radio Network Controller
DRNS: Drift RNS
DS CDMA: Direct Spreading CDMA
DSCH: Down-link Shared Channel
DTCH: Down-link Traffic Channel
DwPCH: Downlink Pilot Channel
DwPTS: Downlink Pilot Time Slot
EIR: Equipment Identity Register
EP: Elementary Procedure
FACH: Forward Access Channel
FDD: Frequency Division Duplex
FFS: For Further Study
FP: Frame Protocol
FPACH: Fast Physical Access Channel
FT: Frame Type
GGSN: Gateway GPRS Support Node
GMM: GPRS Mobility Management
GMSC: Gateway MSC
GPRS: General Packet Radio Service
GPS: Global Positioning System
GRR: GPRS Radio Resources
GSM: Global System for Mobile Communication
GTP: GPRS Tunneling Protocol
HARQ: Hybrid Automatic Repeat Request
HFN: Hyper Frame Number
HLR: Home Location Register
HSDPA: High Speed Downlink Packet Access
HSS: Home Subscriber Server
IMSI: International Mobile Subscriber Identity
IMT-2000: International Mobile Telecommunications 2000 (the ITU's name for third-generation mobile systems)
IP: Internet Protocol
IS-2000: IS-95 Evolution Standard (cdma2000)
ITU: International Telecommunication Union
L1: Layer 1
L2: Layer 2
LAN: Local Area Network
LMU: Location Measurement Unit
MAC: Medium Access Control
MAP: Mobile Application Part
MC CDMA: Multiple Carrier CDMA
MC TDMA: Multiple Carrier TDMA
ME: Mobile Equipment
MGCF: Media Gateway Control Function
MGW: Media Gateway
MIB: Master Information Block
Mcps: Mega Chip Per Second
MM: Mobility Management
MPLS: MultiProtocol Label Switching
MRF: Media Resource Function
MRFC: Media Resource Function Controller
MRFP: Media Resource Function Processor
MSC: Mobile Services Centre
MSG: Message service type (message)
MTP: Message Transfer Part
MTP3-B: Message Transfer Part level 3
M3UA: MTP3 User Adaptation Layer
NAS: Non Access Stratum
NBAP: NodeB Application Part
O&M: Operation and Maintenance
PC: Power Control
PCCH: Paging Control Channel
PCCPCH: Primary Common Control Physical Channel
PCH: Paging Channel
PDCCH: Physical Downlink Control Channel
PDSCH: Physical Downlink Shared Channel
PLMN: Public Land Mobile Network
PPP: Point-to-Point Protocol
PRACH: Physical Random Access Channel
PS: Packet Switched
PSTN: Public Switched Telephone Network
PUSCH: Physical Uplink Shared Channel
QAM: Quadrature Amplitude Modulation
QE: Quality Estimate
QPSK: QuadriPhase Shift Keying
QoS: Quality of Service
R-SGW: Roaming Signalling Gateway
RAB: Radio Access Bearer
RACH: Random Access Channel
RANAP: Radio Access Network Application Part
RAT: Radio Access Technology
RL: Radio Link
RLC: Radio Link Control
RNC: Radio Network Controller
RNS: Radio Network Subsystem
RNSAP: Radio Network Subsystem Application Part
RNTI: Radio Network Temporary Identity
RR: Radio Resources
RRC: Radio Resource Control
RSVP: Resource ReserVation Protocol
RTCP: Real Time Control Protocol
RTP: Real Time Protocol
SA: Service Area
SABP: Service Area Broadcast Protocol
SAP: Service Access Point
SBM: Subnetwork Bandwidth Management
SC TDMA: Single Carrier TDMA
SSCF: Service Specific Co-ordination Function
SCCP: Signalling Connection Control Part
SCH: Synchronization Channel
SCCPCH: Secondary Common Control Physical Channel
SCP: Service Control Point
SCTP: Simple Control Transmission Protocol
SFN: System Frame Number
SGSN: Serving GPRS Support Node
SIB: System Information Block
SIM: Subscriber Identity Module
SLF: Subscription Location Function
SM: Session Management
SRNC: Serving Radio Network Controller
SRNS: Serving RNS
SS7: Signalling System No. 7
SSCF-NNI: Service Specific Coordination Function - Network Node Interface
SSCOP: Service Specific Connection Oriented Protocol
STM: Synchronous Transfer Mode
T-SGW: Transport Signalling Gateway
TB: Transport Block
TBS: Transport Block Set
TCP: Transfer Control Protocol
TDD: Time Division Duplex
TDMA: Time Division Multiple Access
TD-SCDMA: Time Division Synchronous CDMA
TFC: Transport Format Combination
TFCI: Transport Format Combination Indicator
TFCS: Transport Format Combination Set
TFI: Transport Format Indicator
TFS: Transport Format Set
ToA: Time of Arrival
TPC: Transmit Power Control
TSN: Transmission Sequence Number
TTI: Transmission Time Interval
UDP: User Datagram Protocol
UE: User Equipment
UL: Uplink
UMTS: Universal Mobile Telecommunication System
UpPTS: Uplink Pilot Time Slot
UpPCH: Uplink Pilot Channel
USCH: Up-link Shared Channel
USIM: UMTS Subscriber Identity Module
UTRAN: UMTS Terrestrial Radio Access Network
VC: Virtual Circuit
VLR: Visitor Location Register
WAP: Wireless Application Protocol
WCDMA: Wideband Code Division Multiple Access
WG: Working Group
WWW: World Wide Web
XRES: EXpected user RESponse
Wireless security - wireless security technology
Wireless LAN Security: Today and Tomorrow
By Sangram Gayal and Dr. S. A. Vetha Manickam
Center for Information and Network Security, Pune University

Table of Contents
1. Introduction
2. Wireless LANs
   2.1 Types of Wireless LANs
   2.2 Protocol Stack
   2.3 The 802.11 Physical Layer
   2.4 802.11 MAC Layer
3. Security Features of Wireless LANs
   3.1 Authentication
   3.2 Association
   3.3 Encryption and Decryption - The WEP Protocol
4. Known Attacks on WEP
   Type of Attacks
   Decryption Dictionaries
   Message Modification
   Message Injection
   Authentication Spoofing
   Message Decryption
   Man in the Middle Attack
   Tools available for attacking WLANs
   Summary of 802.11 vulnerabilities
5. Countermeasures
   5.1 Fake Access Points or Honey Pots
   5.2 Wireless Network Auditing
6. Future of Wireless LAN Security
   6.1 Advanced Encryption Standard (AES)
   6.2 Temporal Key Integrity Protocol (TKIP)
   6.3 802.1X and Extensible Authentication Protocol
References

1. Introduction

Wireless LANs are a boon for organizations that don't have time to set up wired LANs; they make networked temporary offices a reality and remove the wiring work that goes into setting up LANs. They are reported to reduce setup costs by 15%. But with these benefits come security concerns. One no longer needs physical access to your wires to get into your LAN. Any attacker, even one sitting in your parking lot or in the neighboring building, can make a mockery of the security mechanisms of your WLAN.

If you don't care about security, then go ahead and buy those WLAN cards and access points. But if you do, watch out for the developments on the security front of 802.11. As this report and many others tell, contrary to 802.11's claims, WLANs have very little security. An attacker can listen to you, take control of your laptops and desktops, and forge himself to be you.
He can cancel your orders, make changes to your databases, or empty your credit cards. So, what is the remedy? Don't trust anybody! Think like an attacker and take proper countermeasures. Have dynamic system administrators. Those attackers won't be lucky every time! The key is: be informed!

2. Wireless LANs

Wireless LANs (WLANs) are quickly gaining popularity due to their ease of installation and higher employee mobility. Together with PDAs and other mobility devices, they go on to improve the quality of life.

2.1 Types of Wireless LANs

Part of the success behind the popularity of WLANs is due to the availability of the 802.11 standard from IEEE. The standard specifies operation of WLANs in three ways:

• Infrastructure Mode: Every WLAN workstation (WS) communicates with any machine through an access point (AP). The machine can be in the same WLAN or connected to the outside world through the AP.
• Ad Hoc Network Mode: Every WS talks to another WS directly.
• Mixed Network Mode: Every WS can work in the above two modes simultaneously. This is also called the Extended Basic Service Set (EBSS).

Fig 2.1: Types of WLAN

2.2 Protocol Stack

The protocol stack for WLANs was designed such that existing applications can use them with minor modifications. The top three layers of the stack are the same as in other networks:

Application Layer
Transport Layer
Network Layer
802.11 MAC/Data-link Layer
802.11 Physical Layer

2.3 The 802.11 Physical Layer

The 802.11 physical layers modulate the data and send it over the air. Three popular standards have emerged since the inception of WLANs: 802.11a, 802.11b, and 802.11g. The comparison between these standards is given in the following table.

Parameter | 802.11a | 802.11b | 802.11g
Speed | 54 Mbps | 11 Mbps | 54 Mbps
Frequency Band | 5 GHz | 2.4 GHz | 2.4 GHz
Modulation | OFDM | DSSS | OFDM
Distance (Indoor) | 18 m | 30 m | 30 m
Distance (Outdoor) | 30 m | 120 m | 120 m
No. of simultaneous networks | 12 | 3 | 3
Availability | Came after 802.11b | Widely available in the market | To hit the market by mid-2002
Comments | No interference; less distance due to high frequencies | Interference from RF sources like cordless phones | Interference; backwards compatible with 802.11b
Table 2.1: Comparison between 802.11a, b, g

2.4 802.11 MAC Layer

The MAC/data-link layer of 802.11 (IEEE std., 1) specifies the following features:
1. CRC checksum
2. Fragmentation
3. Auto-roaming
4. Authentication and Association
5. WEP (Wired Equivalent Security) protocol

The data-link layer encryption was intended to provide wired-equivalent security, but attackers have proven all these claims false and hollow. In the subsequent sections, we shall consider the loopholes in WEP.

3. Security Features of Wireless LANs

A message traveling by air can be intercepted without physical access to the wiring of an organization. Any person sitting in the vicinity of a WLAN with a transceiver capable of listening and talking can pose a threat. Unfortunately, the same hardware that is used for WLAN communication can be employed for such attacks. To make WLANs reliable, the following security goals were considered:
• Confidentiality
• Data Integrity
• Access Control

The following security measures are a part of the 802.11 IEEE protocol:
• Authentication
• Association
• Encryption

The need for a client to be mobile brought in the separation of the authentication and association processes. Since a client frequently crosses AP boundaries, he can be authenticated to various APs at a given point, yet remain associated to his chosen one. Before a client gets associated to another AP, he must first be authenticated.

Fig 3.1: Authentication & Association

3.1 Authentication

802.11 specifies two authentication mechanisms:
1. Open system authentication
2. Shared key authentication

• Open system authentication: A client needs an SSID for successful association. Any new client that comes into an EBSS area is provided with an SSID.
This is equivalent to no security.

Fig 3.2: Open System Authentication

• Shared key authentication: The client cannot authenticate himself if he doesn't have the WEP shared secret key. The WEP protocol is used for encryption.

Fig 3.3: Shared Key Authentication

3.2 Association

An SSID is used to differentiate two networks logically. To successfully associate to a WS, one must have the SSID of the other WS. This was not intended to be a security feature, and in fact the SSID is sent in the open in the beacon frame of the AP.

3.3 Encryption and Decryption - The WEP Protocol

The WLAN administrator has the option of encrypting all communication over the air (or of sending the packets unencrypted), i.e. every frame below the Ethernet header is encrypted using the WEP protocol. The WEP protocol has three components:

• A shared secret key, k (40 bit / 104 bit): The fact that the secret key is shared helps reduce the load on the AP, while simultaneously assuming that whoever is given the secret key is a trusted person. This shared key is never sent over the air. 802.11 doesn't discuss the deployment of this key onto workstations; it has to be installed manually at each WS/AP. Most APs can handle up to four shared secret keys.
• Initialization vector, IV (24 bit): The IV is a per-packet number that is sent in the clear over the air. This number is most effective if generated randomly, because it is used as one of the inputs to the RC4 algorithm. 802.11 doesn't specify the generation of IVs. In fact, many cards generate IVs in a linear fashion, i.e., 1, 2, 3, ...
• RC4 algorithm, RC4(IV, k): This algorithm is used to generate a key stream K of length equal to that of the message to be transmitted by the data-link layer.
It takes the IV and k as inputs.

Fig 3.4: Encryption & Decryption in WEP

• Encryption: An IV is chosen on a per-packet basis and is sent along with the Ethernet header.

    P = <M, c(M)>
    K = RC4(IV, k)
    C = P ⊕ K

  where
    M : message to be sent; contains all layers up to the network layer
    P : plaintext
    C : ciphertext transmitted over the air

• Decryption: The IV is extracted from the header and is used to find K.

    P' = C ⊕ K = <M', (c(M))'>

  It is checked whether c(M') = (c(M))', and if so the plaintext P' is accepted.

4. Known Attacks on WEP

WEP is considered to be very vulnerable to attackers. Any attacker sitting in the parking lot of a building can attack the building's WLAN security. This is unlike the wired case, where the attacker needs physical access to the wires. The following known attacks have been employed on WEP.

Type of Attacks

The following attacks are known to be effective:
• Passive attacks
  1. Dictionary based attacks
  2. Cracking the WEP key
• Active attacks
  1. Authentication spoofing
  2. Message injection
  3. Message modification
  4. Message decryption
  5. Man in the middle attack

As with other networks, the active attacks are riskier but provide greater powers to the attacker.

Passive attacks | Active attacks
No risk involved | Riskier
No need to be part of the network, because WLAN cards support monitor mode, whereby one can listen to the communication without being part of the network | The attacker has to first get into the network before doing damage
The attacker can only listen to whatever is going on; he cannot fiddle with the network | The attacker can interrupt, hijack and control the network at will
Table 4.1: Passive vs. Active attacks

Decryption Dictionaries

The attacker passively sniffs every packet of the victim. He keeps storing the ciphertext along with the corresponding IV. Whenever the same IV repeats, he has two ciphertexts for the corresponding IV.
As shown in the figure, he has C31,0 and C31,1 for K31:

    C31,1 ⊕ C31,0 = P31,1 ⊕ P31,0

Using classical techniques it is possible to find a and b from a ⊕ b. Thus the attacker can gain knowledge of P31,0, P31,1 and K31, provided he has the patience and resources to do it.

IV | Ciphertext
IV0 | C0,...
... | ...
IV31 | C0,31
... | ...
IVN | C0,N
Table 4.2: A Decryption Dictionary

Cracking the WEP key (the working of Airsnort)

This passive attack is used to find the secret key, k. The attack is based on the premise that some weak IVs exist (Fluhrer et al., 2), i.e. they reveal information about a byte x of k. The following facts/assumptions are used:
• The first byte of plaintext is known; it happens to be 0xAA for ARP and IP packets. We thus know the first byte K1 of the key stream K.
• K1 is enough to find byte x of k.
• All the bytes of k prior to x have been deciphered correctly.
• The probability of finding byte x of k correctly is more than 0.05.

We illustrate here, with an example, the working of the attack:
1. We take a packet and keep its IV.
2. There can be two cases (function classify of crack.c of Airsnort, 5):
   • If it is not a weak IV, we dump it.
   • If it is a weak IV, we find that it helps us in finding the 6th byte of k.
3. We calculate the value of the 6th byte (function key Guess of RC4.c of Airsnort, 5). We find that this weak IV w.r.t. the 6th byte of k calculates k6 to be 0x67. We keep this value of k6 in a table (because the calculated value 0x67 may be wrong).
4. Such a table keeps filling. After sufficient entries, we find that the calculated value 0x67 of k6 is correct because it occurred the maximum number of times.
5. After finding all the bytes of k, we make a try on all the packets used above, by decrypting them and checking whether indeed CRC(M) is consistent for all of them. (This step is the same as the decryption method described earlier.)

Fig 4.1: Working of Airsnort

Byte No. of k | Value | Value | Value | Value | Value | Value
... | ... | ... | ... | ... | ... | ...
6 | 0x67 | 0xab | 0x37 | 0x67 | 0x67 | 0x20
... | ... | ... | ... | ... | ... | ...
Table 4.3: Working of Airsnort

The actual number of packets needed to crack the WEP key was not checked by us, but reports say that it can be done in a matter of a few hours for a 40-bit secret key and a matter of days for a 104-bit secret key.

Message Modification

This active attack is used to change a particular part of the message M that is known to the attacker, along with its position in the packet. This field can be an email ID or an HTML form.

Fig 4.2: Message Modification

The attacker doesn't need to know the key stream K or the secret key k for the attack. The attack is based on the fact that CRC(M) is an unkeyed function of M.

Message Injection

The attack assumes that the attacker has a pair of K, IV. This pair can be reused over and over again without arousing suspicion, because there is no mechanism to check for continuous repetition of IVs. Again, the attack uses the fact that CRC(M) is an unkeyed function of M.

Fig 4.3: Message Injection

Authentication Spoofing

This attack is another form of message injection. By sniffing the shared key authentication process, the attacker learns a pair of plaintext (random challenge) and ciphertext (challenge response) and the corresponding IV. Thus he knows the required <IV, K> pair. This pair can be used for authentication purposes.

Fig 4.4: Authentication Spoofing

Message Decryption

There are two methods of decrypting the message by active attacks:
1. IP Redirection
2. Reaction Attack

• IP Redirection: This attack is an extension of message modification. The attacker modifies the destination IP in the IP header of the packet. By doing this, the attacker sends a packet from the WEP-encrypted zone to a no-WEP zone, where he holds a machine.

Fig 4.5: IP Redirection

To do this he has to make changes to the IP header checksum. In most cases the initial IP checksum is not known, although the attacker is assumed to have the initial destination IP address.
So the attacker keeps sending packets with various values of the checksum till he gets the packet across to his machine in the no-WEP zone. We did a simulation of this attack. The number of packets required, as a function of the initial and final destination IPs, before getting a hit is open for interpretation.

• Reaction Attack: This attack only works for TCP packets. If the TCP checksum is valid, an ACK is sent; otherwise the packet is dropped silently. This attack is based on the receiver's willingness to decrypt arbitrary ciphertext and feed it to another component of the system that leaks a tiny bit of information about its inputs. The attack is rightly called a reaction attack, as it works by monitoring the recipient's reaction to our forgeries.

Fig 4.6: Reaction Attack

We have coded a simulation that verifies the property of the TCP checksum that if bits Pi and Pi+16 are complements of each other, then putting complemented values into each of Pi and Pi+16 doesn't affect the TCP checksum. Thus, the attack works in the following fashion:
1. Take complements of Ci and Ci+16.
2. Make appropriate changes in the CRC checksum of the message, CRC(M) (this is not to be confused with the IP or TCP checksums), and send the packet to the recipient.
3. There are two cases:
   1. ACK received: Pi and Pi+16 were complements of each other.
   2. No ACK: Pi and Pi+16 were the same.

We didn't test the actual effectiveness of this attack.

Man in the Middle Attack

This is a standard attack employed on all sorts of networks.
In WLANs, the attack works in the following fashion:

Fig 4.7: Man in the Middle

Steps in the man in the middle attack:
1. The attacker sets up a fake AP near the existing AP, using a WS to masquerade network logons.
2. The user connects, in error, to the fake AP, and enters username and password.
3. The intruder collects the data and informs the user of an incorrect password, then sleeps for five minutes, and successfully logs on to the real AP.

Tools available for attacking WLANs

These are a few of the tools that are available for attacking WLANs:
1. Airsnort (Linux) - cracks the WEP key.
2. WEPCrack (Linux) - cracks the WEP key.
3. NetStumbler (Windows) - finds network parameters like SSID, channels, MAC addresses, type of encryption used and vendor of the card; tells the default secret key of the vendor; can be used with a GPS for locating APs.
4. Kismet (Linux) - a WLAN sniffer.
5. Thc-Wardrive (Linux) - for war driving.
6. dsniff (Linux) - counterpart of NetStumbler.
7. dstumbler (FreeBSD) - counterpart of NetStumbler.

Summary of 802.11 vulnerabilities

The following 802.11 vulnerabilities come out on the basis of the known attacks:
• The SSID is required for associating a WS to an AP, and it is in the beacon frame. So, anyone can get it easily.
• The IV size is very small.
• Many vendors increase the IVs in a linear fashion (0, 1, 2, 3, ...).
• An IV that has occurred before is bound to occur again after 2^24 packets, and in fact after about 5000 packets due to the birthday paradox. This in fact makes the dictionary attack possible, because it translates to keeping data of 2^24 * 1500 = 16 GB.
• The strength of stream ciphers is based on the fact that the same seed never repeats, while the contrary has been described in the above point.
• Despite knowing that a secret key should be changed frequently, no known mechanisms have come for good key management.
• Only four secret keys are generally used in a network simultaneously; moreover, most people don't change them from the default key provided by the vendor.
• CRC(M) is an unkeyed function of the message M.
• In the next chapter, we have recommended ACLs, but even MAC address spoofing can fool them.

5. Countermeasures

If there are vulnerabilities, then there are also countermeasures, which cannot overcome them fully but can protect to a great extent. Here are a few countermeasures which can help a lot in retaining the security of a WLAN:
• Do not trust the WLAN; work under the coverage of a VPN (Virtual Private Network).
• Maintain a good key management system, which changes the key before the number of packets sufficient for cracking the key has been transmitted.
• Increasing the bit length of the IV and the secret key is also a partial solution.
• Use a strong algorithm like AES.
• Make the checksum of the message a keyed function, using algorithms like HMAC (keyed hashing).
• Configure the AP to allow only a few MAC addresses, those in its Access Control Lists (ACLs).
• Define the ACL depending upon signal strength.
• One must take care of physical security also. Take care that no unauthorized person gets access to your laptop or any workstation in the network, because he can just copy the secret key.
• Enable RADIUS or Kerberos authentication from workstation to access point.
• Enable IPSec or application-level encryption for secure data communications.

5.1 Fake Access Points or Honey Pots

Honey pots are devices placed on the periphery of a network for luring attackers to compromise them.
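The WEP construction of section 3.3, the two properties the attacks above rest on (key stream reuse under a repeated IV, and an unkeyed CRC that lets a frame be altered without the key), and the keyed-checksum countermeasure recommended above, as an added Python example that is not part of the original paper. RC4, CRC-32 via zlib, a 40-bit key, a little-endian 4-byte ICV, an HMAC-SHA256 tag and the sample HTTP request are assumptions of this toy model, not values from the paper.

```python
import hmac
import zlib

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; the result is as long as the shorter one."""
    return bytes(x ^ y for x, y in zip(a, b))

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Textbook RC4: key scheduling, then n bytes of key stream K."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def crc_icv(m: bytes) -> bytes:
    """c(M): the 4-byte CRC-32 integrity check value WEP appends to M."""
    return zlib.crc32(m).to_bytes(4, "little")

def wep_encrypt(k: bytes, iv: bytes, m: bytes) -> bytes:
    """C = <M, c(M)> xor RC4(IV || k); the IV is sent in the clear with C."""
    p = m + crc_icv(m)
    return xor_bytes(p, rc4_keystream(iv + k, len(p)))

def wep_decrypt(k: bytes, iv: bytes, c: bytes):
    """P' = C xor K; accept M' only if c(M') equals the received ICV."""
    p = xor_bytes(c, rc4_keystream(iv + k, len(c)))
    m, icv = p[:-4], p[-4:]
    return m if crc_icv(m) == icv else None

def keystream_reuse_leak(k: bytes, iv: bytes, m1: bytes, m2: bytes) -> bytes:
    """Two frames under one <IV, k> share K, so C1 xor C2 == P1 xor P2 (the
    decryption-dictionary observation); no key is needed to obtain it."""
    c1, c2 = wep_encrypt(k, iv, m1), wep_encrypt(k, iv, m2)
    n = min(len(m1), len(m2))
    return xor_bytes(c1[:n], c2[:n])

def crc_fixup(delta: bytes) -> int:
    """CRC-32 is affine over GF(2): crc(M ^ D) == crc(M) ^ crc(D) ^ crc(0...0),
    so the ICV of a modified message can be corrected without knowing M."""
    return zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))

def flip_plaintext_bits(c: bytes, delta: bytes) -> bytes:
    """Apply `delta` (len(M) bytes) to the plaintext of an intercepted frame
    without the key: XOR it into C and XOR the CRC correction into the ICV.
    An unkeyed ICV gives the receiver no way to tell this from a real frame."""
    mask = delta + crc_fixup(delta).to_bytes(4, "little")
    return xor_bytes(c, mask) + c[len(mask):]

# Hardened variant (the HMAC countermeasure): a tag keyed with a separate
# secret replaces c(M). RC4 and the 24-bit IV keep their other weaknesses;
# only the integrity check is fixed here.
TAG_LEN = 32

def keyed_encrypt(k: bytes, mac_key: bytes, iv: bytes, m: bytes) -> bytes:
    tag = hmac.new(mac_key, iv + m, "sha256").digest()
    p = m + tag
    return xor_bytes(p, rc4_keystream(iv + k, len(p)))

def keyed_decrypt(k: bytes, mac_key: bytes, iv: bytes, c: bytes):
    p = xor_bytes(c, rc4_keystream(iv + k, len(c)))
    m, tag = p[:-TAG_LEN], p[-TAG_LEN:]
    expected = hmac.new(mac_key, iv + m, "sha256").digest()
    return m if hmac.compare_digest(tag, expected) else None

def run_demo() -> dict:
    """Constructed sample: a 40-bit key, a linear-style IV, one HTTP request."""
    k = bytes.fromhex("0102030405")               # constructed WEP key
    mac_key = b"constructed-separate-integrity-key"
    iv = b"\x00\x00\x01"
    m = b"GET /cart?item=101 HTTP/1.0"
    # A known field at a known offset: byte 15 is the first '1' of "item=101".
    delta = bytearray(len(m))
    delta[15] = ord("1") ^ ord("9")
    delta = bytes(delta)
    c = wep_encrypt(k, iv, m)
    ck = keyed_encrypt(k, mac_key, iv, m)
    return {
        "wep_roundtrip": wep_decrypt(k, iv, c),
        "wep_tampered": wep_decrypt(k, iv, flip_plaintext_bits(c, delta)),
        "keyed_roundtrip": keyed_decrypt(k, mac_key, iv, ck),
        "keyed_tampered": keyed_decrypt(k, mac_key, iv, flip_plaintext_bits(ck, delta)),
    }
```

With the unkeyed CRC the altered frame decrypts to "item=901" and passes the check; with the keyed tag the same alteration is rejected (None).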
By making attackers spend their energy and resources on honey pots, the real network is effectively protected. Wireless honey pots consist of devices that transmit fake beacon frames. These devices emulate hundreds of fake access points, with the result that the attacker is confused and tries to connect to one of the fake access points. The attacker's activity can be logged and studied. This also protects the network from attackers by hiding the network behind a mask.

5.2 Wireless Network Auditing

Wireless network auditing is an important part of a WLAN security policy. The network needs to be regularly audited for rogue hardware. In this method the network is scanned and mapped for all access points and WLAN nodes. Then this is compared with the previous network map. Commonly available network mapping tools like NetStumbler and wavelan-tool can be used to do this. Specialized tools such as Airsnort can be used for WEP cracking and for auditing the network for weak keys, key reuse and WEP security settings. These methods include the same tests as those carried out by hackers for breaking into the network.

6. Future of Wireless LAN Security

6.1 Advanced Encryption Standard (AES)

The Advanced Encryption Standard is gaining acceptance as an appropriate replacement for the RC4 algorithm in WEP. AES uses the Rijndael algorithm and supports the following key lengths:
• 128 bit
• 192 bit
• 256 bit

AES is considered to be uncrackable by most cryptographers. NIST has chosen AES as a Federal Information Processing Standard (FIPS). In order to improve wireless LAN security, 802.11i is considering inclusion of AES in WEPv2.

6.2 Temporal Key Integrity Protocol (TKIP)

The Temporal Key Integrity Protocol (TKIP), initially referred to as WEP2, is an interim solution that fixes the key reuse problem of WEP, that is, periodically using the same key to encrypt data. The TKIP process begins with a 128-bit "temporal key" shared among clients and access points.
TKIP combines the temporal key with the client's MAC address and then adds a relatively large 16-octet initialization vector to produce the key that will encrypt the data. This procedure ensures that each station uses a different key stream to encrypt the data. TKIP also prevents the passive snooping attack by hashing the IV. TKIP uses RC4 to perform the encryption, which is the same as WEP. A major difference from WEP, however, is that TKIP changes temporal keys every 10,000 packets. This provides a dynamic distribution method that significantly enhances the security of the network.

An advantage of using TKIP is that companies having existing WEP-based access points and radio NICs can upgrade to TKIP through relatively simple firmware patches. In addition, WEP-only equipment will still interoperate with TKIP-enabled devices using WEP. TKIP is a temporary solution, and most experts believe that stronger encryption is still needed.

6.3 802.1X and Extensible Authentication Protocol

Combined with an authentication protocol, such as EAP-TLS, LEAP, or EAP-TTLS, IEEE 802.1X provides port-based access control and mutual authentication between clients and access points via an authentication server. The use of digital certificates makes this process very effective. 802.1X also provides a method for distributing encryption keys dynamically to wireless LAN devices, which solves the key reuse problem found in the current version of 802.11.

Initial 802.1X communication begins with an unauthenticated supplicant (i.e., client device) attempting to connect with an authenticator (i.e., 802.11 access point). The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS).
Once authenticated, the access point opens the client's port for other types of traffic.

7. Conclusion

Wireless LAN security has a long way to go. The current implementation of WEP has proved to be flawed. Further initiatives to come up with a standard that is robust and provides adequate security are urgently needed. 802.1X and EAP are just mid points in a long journey. Till a new security standard for WLANs comes up, third-party and proprietary methods need to be implemented.

8. References

1. L.M.S.C. of the IEEE Computer Society. Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications, ANSI/IEEE std. 802.11, 1999 edition.
2. Fluhrer, Mantin, Shamir. Weaknesses in the key-scheduling algorithm of RC4.
3. Stubblefield, Ioannidis, Rubin. Using the Fluhrer, Mantin and Shamir attack to break WEP.
4. Borisov, Goldberg, Wagner. Intercepting Mobile Communications: The Insecurity of 802.11 - Draft.
5.

About the Authors

Dr. S. A. Vetha Manickam, Head of Technology
S. A. Vetha Manickam holds a PhD degree in Scientific Computing and Numerical Analysis from the Indian Institute of Technology, Bombay. He has a Masters in Applied Mathematics from Anna University, Chennai, where his dissertation was in "Object Oriented Methodologies". He was a Fellow of the National Board for Higher Mathematics (NBHM), Department of Atomic Energy (DAE), India, during his doctoral and post-doctoral degrees. Dr. Manickam has extensive experience in implementing e-security for organizations and defining Information Risk Management Policies. He has been doing secure code auditing for many banking applications. He has also been involved in the development of cryptographic algorithms and PKI products for authentication, confidentiality, integrity and digital signatures. He is also involved in cryptanalysis of mobile and wireless LAN encryption algorithms.
He has spearheaded development teams in iKey integration, desktop security development, vulnerability scanner development and incorporation of Digital Signature for the Enterprise solutions.Sangram S. Gayal, Information Security ConsultantSangram S. Gayal is Bachelor of Engineering in Electronics and Telecommunications from Government College of Engineering, Aurangabad. He currently is an Information Security Consultant with Network Security Solutions India Ltd. and Associate researcher at Center for Information and Network Security, University of Pune. He currently is researching on wireless LAN vulnerabilities and countermeasures.21。
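The port-based access control of section 6.2 as an added example, not code from the paper: the authenticator relays only EAP frames from an unauthenticated supplicant, drops everything else until the authentication server accepts the identity, then opens the controlled port and hands the station a per-session key. The frame format, the credential check and the RADIUS stand-in are constructed for this example.

```python
"""Added example, not from the paper: a model of the 802.1X port-based access
control in section 6.2. The authenticator (access point) relays only EAP
traffic from an unauthenticated supplicant to the authentication server,
drops everything else (HTTP, DHCP, POP3 ...), opens the controlled port once
the server accepts the identity, and hands the station a fresh per-session
key. The server, frame format and credential check are constructed stand-ins."""
import secrets
from dataclasses import dataclass, field
from typing import Dict, List, Set


@dataclass
class Frame:
    src_mac: str
    proto: str          # "EAPOL" or an upper-layer protocol such as "HTTP"
    payload: str = ""   # for EAPOL: "identity:credential" (constructed format)


class AuthServer:
    """Stand-in for the RADIUS server on the wired side of the access point."""

    def __init__(self, credentials: Dict[str, str]):
        self._credentials = credentials

    def verify(self, identity: str, credential: str) -> bool:
        # A real server runs an EAP method (EAP-TLS, EAP-TTLS ...); a
        # constant-time compare of a shared credential stands in for it here.
        expected = self._credentials.get(identity)
        return expected is not None and secrets.compare_digest(expected, credential)


@dataclass
class Authenticator:
    server: AuthServer
    authorized: Set[str] = field(default_factory=set)          # open controlled ports
    session_keys: Dict[str, bytes] = field(default_factory=dict)
    log: List[str] = field(default_factory=list)

    def receive(self, frame: Frame) -> str:
        """Decide what happens to one frame arriving from the wireless side."""
        if frame.src_mac in self.authorized:
            return "forward"            # controlled port open: all traffic passes
        if frame.proto != "EAPOL":
            # The uncontrolled port passes only EAP; everything else is blocked
            self.log.append(f"drop {frame.proto} from {frame.src_mac}: not authenticated")
            return "drop"
        identity, _, credential = frame.payload.partition(":")
        if not self.server.verify(identity, credential):
            self.log.append(f"EAP-Failure for {identity} ({frame.src_mac})")
            return "eap-failure"
        # Access-Accept: open the port and distribute a per-station key, which
        # is what removes the shared-key reuse problem of plain 802.11
        self.authorized.add(frame.src_mac)
        self.session_keys[frame.src_mac] = secrets.token_bytes(16)
        self.log.append(f"EAP-Success for {identity} ({frame.src_mac}); port opened")
        return "eap-success"


def run_scenario() -> List[str]:
    """Constructed traffic: one station authenticates, another never does."""
    ap = Authenticator(AuthServer({"alice": "correct-horse"}))
    frames = [
        Frame("aa:aa:aa:aa:aa:aa", "HTTP"),                         # before auth
        Frame("aa:aa:aa:aa:aa:aa", "EAPOL", "alice:wrong"),
        Frame("aa:aa:aa:aa:aa:aa", "DHCP"),                         # still blocked
        Frame("aa:aa:aa:aa:aa:aa", "EAPOL", "alice:correct-horse"),
        Frame("aa:aa:aa:aa:aa:aa", "HTTP"),                         # now forwarded
        Frame("bb:bb:bb:bb:bb:bb", "POP3"),                         # other station
    ]
    return [ap.receive(f) for f in frames]


if __name__ == "__main__":
    print(run_scenario())
```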
Dell PowerVault MD34XX and MD38XX Series Storage Arrays SMI-S Provider Installation Guide

Copyright © 2014 Dell Inc. All rights reserved. This product is protected by U.S. and international copyright and intellectual property laws. Dell™ and the Dell logo are trademarks of Dell Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.
2014 - 02, Rev. A03

Introduction

The Dell PowerVault MD Series storage arrays provide an industry-standard Application Programming Interface (API) called the Storage Management Initiative Specification (SMI-S). This interface enables third-party SMI-S client applications to manage MD Series storage arrays in a multi-vendor storage area network (SAN) environment.

SMI-enabled management applications are known as Common Information Model (CIM) clients. To allow clients to manage a storage device, an SMI-S Provider (also called SMI-S Agent or CIM Agent) is required. SMI-S Providers can be implemented as:
• A proxy interface that translates the existing API of a device to an SMI-S compliant interface. This implementation is the quickest path to SMI-S compliance, but a proxy provider and a Common Information Model Object Manager (CIMOM) must be installed on a server. A CIMOM is a CIM/WBEM infrastructure that receives, validates, and authenticates CIM requests from the client application. The CIMOM directs the requests to the appropriate device provider.
• A native feature of the storage device API. This implementation is sometimes referred to as an embedded agent.

The Dell MD Series SMI-S Provider is implemented as a proxy interface. The Dell SMI-S Provider, referred to as SMI-S Provider, runs on a server on the storage network. The OpenPegasus CIMOM is installed during the installation of this SMI-S Provider.

The SMI-S Provider provides the SMI-S interface to the Dell PowerVault MD Series storage arrays. The provider uses the proxy CIM Agent model and is supported on Microsoft Windows and Linux platforms only. For more information about the platform versions, see the Support Matrix for the MD Series storage arrays at /powervaultmanuals.

Version Information

The following table lists the version details of the components.

Component            Version
SMI-S                1.4
SMI-S Provider       10.30
OpenPegasus CIMOM    2.9.1

Name Space

EXTERNAL_NAMESPACE=root/DCIM/MDStorageArray13

Supported Profiles And Sub-Profiles

SMI-S Provider version 10.30 supports the following profiles and sub-profiles:
• Block storage views
• Thin provisioning
• Replication services
• Physical package
• Profile registration
• Device credentials
• Proxy server system management
• Multiple computer system
• Block services
• Disk drive lite
• Copy services
• Job control
• Extent composition
• Disk sparing
• Initiator port (SAS and SATA)
• Target port (SAS)
• iSCSI target port
• Access points
• Indications
• Masking and mapping
• Location
• Software inventory
• Software update
• Erasure
• Battery
• Storage asymmetry
• Message log
• Block server performance

NOTE: Block server performance statistics are not available for controller firmware versions prior to 7.10.

Installing And Uninstalling The SMI-S Provider

System Requirements For SMI-S Provider

The following are the system requirements to install and run the SMI-S Provider.

System Component         Requirement
Memory                   1 GB minimum (2 GB recommended).
Connectivity             Ethernet with 100BASE-T minimum (Gigabit Ethernet preferred) and TCP/IP.
Port                     TCP port 5988 or 5989, or any other available port if these ports are not available.
Storage array password   The device credentials profile requires the storage array password (SharedSecret) to modify operations. The SMI-S Provider persistently tracks an instance of the SharedSecret per storage array.
Scalability              There is no limit on the number of storage systems that can be supported by a single provider instance. The recommended maximum is 10 moderately to fully configured storage systems per provider, or a total of around 5000 volumes. In large configurations, deploy additional providers on different servers in your storage network to manage additional storage systems.
Installing SMI-S Provider

The SMI-S Provider is packaged as an archive file for UNIX-based operating system servers and as an executable installation file for Microsoft Windows-based operating system servers.

Installing SMI-S Provider For Windows-Based Operating Systems

To install the SMI-S Provider:
1. Move the SMI-S Provider installation executable file to the server where you want to install the SMI-S Provider.
2. Double-click the installation executable icon and follow the instructions on the screen.
NOTE: The installation prompts you to enter an IP address for the storage array that you want to use. The installation opens a text file in Notepad. Follow the instructions in the text file. After you have added the storage array and closed Notepad, the installation program continues normally.
The SMI-S Provider is installed on your system. After the installation, you can delete the installation executable file.

Installing SMI-S Provider For Linux-Based Operating Systems

To install the SMI-S Provider:
1. Move the SMI-S Provider RPM package file into the file system on the server where you want to install the SMI-S Provider.
2. Run the following command: rpm -ivh <rpm package name>.rpm
To change the OpenPegasus CIMOM configuration, see Configuring CIM Server.

Configuring CIM Server

Use the following commands to perform basic CIM server configuration operations.

Function                                                    Command
To set an HTTP port                                         # cimconfig -s httpPort=<port> -p
To set an HTTPS port                                        # cimconfig -s httpsPort=<port> -p
To enable or disable the HTTP connection                    # cimconfig -s enableHttpConnection={true | false} -p
To enable or disable the HTTPS connection                   # cimconfig -s enableHttpsConnection={true | false} -p
To enable or disable authentication                         # cimconfig -s enableAuthentication={true | false} -p
To add a user whose credentials a CIM client uses to
authenticate with the CIM server                            # cimuser -a -u username -w password
To remove a user                                            # cimuser -r -u username -w password
To enable or disable Service Location Protocol (SLP)        # cimconfig -s slp={true | false} -p

NOTE: If SLP is enabled, see the table below for additional settings information.
NOTE: Commands are of the following format: cimconfig -s <propertyName>={true|false} -p, where <propertyName> is a column heading in the following table.
Table 1. Additional Setting Information if SLP is Enabled
NOTE: All other combinations of the SLP property values have undefined behavior.
For more information, see the documentation available in the source release archive at .

Uninstalling SMI-S Provider

Uninstalling SMI-S Provider For Windows-Based Operating Systems
1. Navigate to the Control Panel.
2. Click Add or Remove Programs.
3. Double-click Dell SMI-S Provider to uninstall it.
The uninstallation procedure may leave files (such as trace files, repository files, and other administrative files) that were created by SMI-S Provider after the installation was complete. Manually delete these files to completely remove SMI-S Provider.

Uninstalling SMI-S Provider For Linux-Based Operating Systems
1. In a terminal window, run the command: rpm -e <package name>
The uninstallation process may leave files that were not part of the original installation.
2. Manually delete the original installation files to completely remove SMI-S Provider.

Managing The SMI-S Provider

Starting And Stopping The OpenPegasus CIM Server For Windows-Based Operating Systems

To start or stop the OpenPegasus CIM server:
1. Open the Services window and locate the cimserver service.
2. Right-click the cimserver service and select start or stop.
3. To start the service, run the following command in the command prompt: net start cimserver
4. To stop the service, run the following command in the command prompt: net stop cimserver

Starting And Stopping The OpenPegasus CIM Server For Linux-Based Operating Systems
1. To start the OpenPegasus CIM server, run the following command in a terminal window: cimserver
2. To stop the OpenPegasus CIM server, run the following command in a terminal window: cimserver -s

Adding Or Removing A Storage Array From The SMI-S Provider

During installation, you are prompted to enter the IP addresses into a file. After this initial setup, the SMI-enabled client must use the SMI-S Provider proxy server system management profile to add or remove devices.
NOTE: When a storage array is added, the IP address of only one of the management ports of the storage array must be supplied (and not both management ports). Entering the IP addresses for both management ports of a single storage array causes unpredictable behavior of the SMI-S Provider.

Changing The Debug Tracing Option

NOTE: After changing the tracing levels, stop and start the OpenPegasus CIM server for the changes to take effect.
Turn on tracing only under the direction of your technical support representative.

To change the debug tracing option:
1. Go to the directory where SMI-S Provider is installed. The default install directories are:
   – <%Program Files%>/Dell/pegasus/provider/array for Windows.
   – /opt/dell/pegasus/array for Linux.
2. Edit the providerTraceLog.properties file in a text editor, following the steps below:
   a) Remove the pound sign (#) from the lines containing File, Level, and Events.
   b) Edit the file name in the File field. This file contains the trace messages.
3. Save the providerTraceLog.properties file and exit the text editor.
4. Stop and start the OpenPegasus CIM server. See Starting And Stopping The OpenPegasus CIM Server.

Troubleshooting The SMI-S Provider

The following table lists some of the common issues and their resolutions.
Table 2. Common Issues and Resolutions
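The commands from Configuring CIM Server, driven as an added example that is not part of the Dell guide: it applies the HTTPS-only, authentication-on combination (the device credentials profile carries the storage array SharedSecret over this channel, so the cleartext listener on 5988 exposes it) and audits a planned configuration before applying it. Property names and command syntax are the guide's; the runner hook, the WEAK/HARDENED tables and the audit rules are this example's own.

```python
"""Added example, not from the Dell guide: apply the cimconfig/cimuser
commands from "Configuring CIM Server" so the OpenPegasus CIMOM listens on
HTTPS only with client authentication enabled, and audit a planned
configuration before applying it. The device credentials profile sends the
storage array SharedSecret over this channel, so a cleartext HTTP listener
(port 5988) exposes it. Property names and syntax are the guide's; the runner
hook, the WEAK/HARDENED tables and the audit rules are this example's own."""
import subprocess
from typing import Callable, Dict, List, Sequence

Runner = Callable[[Sequence[str]], int]   # argv -> exit status

# Cleartext listener and no client authentication: the combination to avoid.
WEAK: Dict[str, str] = {
    "enableHttpConnection": "true",
    "enableHttpsConnection": "false",
    "enableAuthentication": "false",
}
# HTTPS on the guide's port 5989, HTTP off, authentication on.
HARDENED: Dict[str, str] = {
    "enableHttpConnection": "false",
    "enableHttpsConnection": "true",
    "httpsPort": "5989",
    "enableAuthentication": "true",
}


def audit_settings(settings: Dict[str, str]) -> List[str]:
    """Return findings for a planned set of properties (empty list = acceptable).
    Each property must be set explicitly; an absent value is treated as a finding."""
    findings = []
    if settings.get("enableHttpConnection") != "false":
        findings.append("enableHttpConnection is not false: CIM-XML requests, client "
                        "credentials and the array SharedSecret would travel in cleartext")
    if settings.get("enableHttpsConnection") != "true":
        findings.append("enableHttpsConnection is not true: no encrypted listener")
    if settings.get("enableAuthentication") != "true":
        findings.append("enableAuthentication is not true: any host that reaches the "
                        "port can manage the arrays")
    return findings


def cimconfig_commands(settings: Dict[str, str]) -> List[List[str]]:
    """One planned-value command per property, in the guide's form:
    cimconfig -s <propertyName>=<value> -p"""
    return [["cimconfig", "-s", f"{name}={value}", "-p"]
            for name, value in settings.items()]


def _run(argv: Sequence[str]) -> int:
    return subprocess.run(list(argv), check=False).returncode


def harden_cim_server(username: str, password: str,
                      run: Runner = _run) -> List[List[str]]:
    """Apply HARDENED and create the CIM client account; returns the commands run.

    Refuses to apply anything that fails audit_settings. Note that `cimuser -w`
    places the password on the command line, where it is visible in process
    listings, exactly as the guide's own command does."""
    findings = audit_settings(HARDENED)
    if findings:
        raise ValueError("refusing to apply: " + "; ".join(findings))
    commands = cimconfig_commands(HARDENED)
    commands.append(["cimuser", "-a", "-u", username, "-w", password])
    for argv in commands:
        status = run(argv)
        if status != 0:
            raise RuntimeError(f"{' '.join(argv[:3])} failed with exit status {status}")
    return commands


if __name__ == "__main__":
    # Planned values take effect when the CIM server is restarted
    # (see Starting And Stopping The OpenPegasus CIM Server).
    for argv in harden_cim_server("smisclient", "change-me"):
        print(" ".join(argv))
```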
Amazon WorkSpaces Core: Technology Partner Integration Guide

Copyright © 2023 Amazon Web Services, Inc. and/or its affiliates. All rights reserved.
Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon.

Introduction

Amazon WorkSpaces Core offers managed virtual desktop infrastructure (VDI) that's designed to work with third-party management solutions. Amazon WorkSpaces Core gives technology partners like you flexibility and choice, while maintaining the security, global reliability, and cost efficiency customers have enjoyed from WorkSpaces for years. For more information, see Amazon WorkSpaces Core. Amazon WorkSpaces Core is part of the Amazon WorkSpaces Family of services. For more information, see Amazon WorkSpaces Family.

This guide is for third-party VDI solution providers who want to build a solution using Amazon WorkSpaces Core. Amazon WorkSpaces Core is for builders. Builders use Amazon WorkSpaces Core API operations to easily provide WorkSpaces capabilities in their solutions with select, purpose-built infrastructure components.

If you're a customer interested in using a VDI or desktop as a service (DaaS) solution built on Amazon WorkSpaces Core, see Amazon WorkSpaces Core and choose WorkSpaces Core Partners to learn more.

Shared responsibility model

Security and compliance is a shared responsibility between AWS and its partners. This shared model can help relieve your operational burden. AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates. The customer assumes responsibility for, and management of, the guest operating system (including updates and security patches), other associated application software, and the configuration of the security group firewall that's provided by AWS.

Customers should carefully consider the services that they choose. Their responsibilities vary depending on the services used, the integration of those services into their IT environment, and applicable laws and regulations. The nature of this shared responsibility also provides the flexibility and customer control that permits the deployment. For more information, see Shared Responsibility Model.

Topics
• Shared responsibilities with Amazon WorkSpaces Core
• Amazon WorkSpaces Core responsibilities
• Customer and partner responsibilities

Shared responsibilities with Amazon WorkSpaces Core

The following responsibilities are shared between your company and Amazon WorkSpaces Core:
• Compliance validation.
• Amazon WorkSpaces image import.
• AWS Identity and Access Management (IAM) for WorkSpaces. This responsibility includes IAM configurations and policies. This responsibility doesn't include access to the desktop through the customer and/or partner directory, or gateway services.

Amazon WorkSpaces Core responsibilities

The following responsibilities belong to Amazon WorkSpaces Core:
• Infrastructure security.
• Encryption at rest (which must be enabled). For more information, see Encrypted WorkSpaces in the Amazon WorkSpaces Administration Guide.
• Resilience in Amazon WorkSpaces Core (except for cross-Region redirection).
• WorkSpaces API operations, AWS Command Line Interface (AWS CLI), SDK, CDK, and console.
• WorkSpaces-based monitoring.
• WorkSpaces dedicated hardware requirements.
• Windows operating system (OS) updates and security patches.

Customer and partner responsibilities

The following responsibilities belong to your company:
• Lifecycle of the Amazon WorkSpaces Core desktop, including calling our API, CLI, or console to provision the desktop, receiving any status, and calling our API, CLI, or console to terminate the desktop.
• Registration of Amazon WorkSpaces Core desktops within the customer or partner solution.
• Brokering Active Directory users to the Amazon WorkSpaces Core desktop.
• Gateway services for securely accessing the Amazon WorkSpaces Core desktop.
• Multi-Region resilience.
• AWS is responsible for patching and fixing flaws within the infrastructure, but customers are responsible for patching their guest OS and applications.
• Additional monitoring, security, and analytic solutions. These solutions are also the responsibility of the customer or partner operating the solution.

The following images show the shared responsibility model and shared responsibility with AWS and your partner.

Prerequisites

To use an Amazon WorkSpaces Core-based virtual desktop infrastructure (VDI) solution, customers must meet the following requirements:
• The customer must meet the Bring Your Own License (BYOL) model criteria. For more information, see Bring Your Own Windows desktop licenses in the Amazon WorkSpaces Administration Guide.
• The customer must have either Windows 10 or Windows 11 desktop licenses. These are the only supported operating systems.
• The customer must have a technology partner that they're working with, or be willing to build their own control plane (broker and orchestration). They must also bring their own pixel streaming protocol.
• The customer must have Active Directory (AD Connector or MAD within a customer account).

Infrastructure setup using BYOL and BYOP

Use the following steps to set up your customer's AWS account. As the technology partner, you perform some steps, and your customer also performs some steps.

Topics
• Enable BYOL and BYOP, configure the BYOL CIDR block, and register the directory
• Add a security group to a WorkSpaces directory
• Import the image
• Deploy Amazon WorkSpaces Core desktops
Enable BYOL and BYOP, configure the BYOL CIDR block, and register the directory

Follow these steps to enable Bring Your Own Licenses (BYOL) and Bring Your Own Protocol (BYOP), configure the BYOL Classless Inter-Domain Routing (CIDR) block, and register the directory.

1. Customer step – Enable BYOL and BYOP.
   a. Complete the BYOL steps in Bring Your Own Windows desktop licenses in the Amazon WorkSpaces Administration Guide.
   b. To enable their AWS account for BYOP, customers must contact their AWS account manager. For select technology partners with hosted managed solutions, BYOP might be enabled at the technology partner solution level. In that case, the customer account won't need to have BYOP enabled within their account.
2. Partner step – Create a technology partner solution connection to the customer's AWS account. For more information, see AWS security credentials in the IAM User Guide. This connection can be done with secret and access keys for self-managed solutions. The preferred method is to use an assume role capability. For more information, see How to Use External ID When Granting Access to Your AWS Resources on the AWS Security Blog.
3. Partner step – If assume role access is being used, the technology partner creates an assume role from the technology partner solution's AWS account to the customer's AWS account. You can provide the customer with an AWS CloudFormation template to automate creation of the role with permissions, or instructions on permissions as needed.
4. Partner step – List management CIDR ranges to the customer admin. This is the management CIDR block that is required for the Amazon WorkSpaces dedicated control plane. WorkSpaces desktops have two elastic network interfaces: one network interface for the management network and one for access to a customer's virtual private cloud (VPC).
   ListAvailableManagementCidrRanges (Amazon WorkSpaces)
5. Partner step – Present the directories that the customer admin would choose for WorkSpaces.
   DescribeWorkspaceDirectories (Amazon WorkSpaces)
   - DirectoryId
   - DirectoryName
   - DirectoryType
   - SubnetIds
   - Tenancy
   - WorkspaceCreationProperties
     - CustomSecurityGroupId
     - DefaultOu
     - EnableInternetAccess
     - EnableMaintenanceMode
     - EnableWorkDocs
     - UserEnabledAsLocalAdministrator
6. Partner step – Register the directory to AWS for this workspace to access. This step is used for adding the desktop to Active Directory.
   RegisterWorkspaceDirectory (Amazon WorkSpaces)
   - EnableSelfService
   - EnableWorkDocs (requested to have disabled or optional in supported Regions)
   - SubnetIds
   - Tags
   - Tenancy

Add a security group to a WorkSpaces directory

You must allow for access from the customer VPC into the Amazon WorkSpaces Core desktop. WorkSpaces desktops, including Amazon WorkSpaces Core desktops, have a security group attached to the customer VPC elastic network interface. By default, this security group blocks all traffic.

For Remote Desktop Protocol (RDP) access or access from any other protocol that will be accessing the desktop, you must add or modify a security group for the WorkSpaces directory. For more information, see Security groups for your WorkSpaces in the Amazon WorkSpaces Administration Guide.

You can also add this new default security group to existing WorkSpaces without rebuilding them. For more information, see To add a security group to an existing WorkSpace in the Amazon WorkSpaces Administration Guide. Use caution when modifying or deleting these security groups. Customers are responsible for the "security in the cloud." For more information, see Shared Responsibility Model.

Import the image

Use the following steps to import the image.

1. Customer step – The customer must have an image within Amazon Elastic Compute Cloud (Amazon EC2) as an Amazon Machine Image (AMI). For more information, see Importing a VM as an image using VM Import/Export in the VM Import/Export User Guide.
2. Partner step – List the AMIs and display them to the customer admin.
   describe-images (EC2)
   - "VirtualizationType" (filter)
   - "Description" (display)
   - "PlatformDetails" (display)
   - "EnaSupport" (display) - instance types limit
   - "Hypervisor" (display) - instance types limit
   - "State" (filter)
   - "ImageId" (display)
   - "VolumeType" (display)
   - "VolumeSize" (display) - make sure it meets WorkSpaces requirements
   - "Encrypted" (display and filter) - not supported
   - "OwnerId" (display)
   - "ImageType": "machine" (filter)
   - "Name" (display)
3. Customer step – Select the Amazon EC2 AMI.
4. Partner step – Import the image. Make sure to use the BYOP import ingestion process with the Amazon WorkSpaces Core API.
   ImportWorkspaceImage (Amazon WorkSpaces Core)
   - "Applications" (not supported)
   - "Ec2ImageId" (selected above)
   - "ImageDescription" (required)
   - "ImageName" (required)
   - "IngestionProcess": BYOL_REGULAR_BYOP or BYOL_GRAPHICS_G4DN_BYOP
   - "Tags"
   Following is an example command using the AWS CLI:
   aws workspaces import-workspace-image --ec2-image-id ami-xxxxxxxxxx --ingestion-process BYOL_REGULAR_BYOP --image-name win10-ent-img01 --image-description "Windows 10 Enterprise"
5. Partner step – Display the status of the import.
   DescribeWorkspaceImages
   - ImageIds

Deploy Amazon WorkSpaces Core desktops

1. Partner and customer step – Create a bundle.
   CreateWorkspaceBundle (Amazon WorkSpaces)
   - "BundleDescription"
   - "BundleName"
   - "ComputeType"
   - "ImageId"
   - "RootStorage" - "Capacity"
   - "Tags"
   - "UserStorage" - "Capacity"
2. Partner and customer step – Create a workspace for a user.
   CreateWorkspaces (Amazon WorkSpaces Core)
   - "Workspaces"
     - "BundleId"
     - "DirectoryId"
     - "RootVolumeEncryptionEnabled"
     - "Tags"
     - "UserName"
     - "UserVolumeEncryptionEnabled"
     - "VolumeEncryptionKey"
     - "WorkspaceProperties":
       - "ComputeTypeName"
       - "RootVolumeSizeGib"
       - "RunningMode": MANUAL or ALWAYS_ON
       - "UserVolumeSizeGib"

For RunningMode, the AUTO_STOP mode isn't available for Amazon WorkSpaces Core. Instead, a new running mode value of MANUAL is available for technology partner solutions to power manage the workspace and offer hourly usage of the instance. With the MANUAL mode, technology partner solutions use the StartWorkspaces and StopWorkspaces API operations to manage the workspaces. The customer is only charged for the hours when the WorkSpace is in the AVAILABLE state.

Note: To ensure that no workspaces are inadvertently charging the customer for unknown periods of time, manual workspaces in the AVAILABLE state will be stopped after a sufficiently long period of time (greater than or equal to 48 hours). Manual workspaces are subject to an automatic maintenance window schedule once a month, similar to the current AUTO_STOP workspaces detailed here. You can opt out of this maintenance schedule by using the ModifyWorkspaceCreationProperties API operation.

Lifecycle management of instances

To perform various actions for Amazon WorkSpaces Core, use the following API operations. To help you create your workflow, we have provided a recommendation for each API operation. A recommendation of "Possible" means that the API operation might not be necessary for your workflow or that there are additional considerations about using the API operation.
A recommendation of "Required" means that the API operation must be used.

• Deployment and setup
  • CreateTags – Possible.
  • CreateWorkspaceBundle – Required.
  • CreateWorkspaces – Required.
  • DescribeAccount – Required.
  • DescribeAccountModifications – Possible.
  • ImportWorkspaceImage – Possible, but we highly recommend that partners have an interface to import images into Amazon WorkSpaces using this API operation.
  • ModifyAccount – Possible.
  • ListAvailableManagementCidrRanges – Possible, but we highly recommend that partners have an interface to onboard customers into Amazon WorkSpaces BYOL using this API operation.
  • RegisterWorkspaceDirectory – Required.
    • EnableInternetAccess – Optional.
    • EnableWorkDocs – Optional.
    • Tags – Optional.
• Operations
  • CopyWorkspaceImage – Possible, but we highly recommend this action. It supports an UpdateWorkspaceBundle image process and copying from one AWS Region to another Region.
  • CreateWorkspaceImage – Required.
  • DescribeTags – Possible, but we highly recommend that partners have an interface to use and modify tags on Amazon WorkSpaces desktops using this API operation.
  • DescribeWorkspaceBundles – Required.
  • DescribeWorkspaceDirectories – Required.
  • DescribeWorkspaceImagePermissions – Required.
  • DescribeWorkspaceImages – Required for creation of new desktops and within a workflow to use the UpdateWorkspaceBundle API operation that updates an image within a bundle.
  • DescribeWorkspaces – Required.
  • DescribeWorkspaceSnapshots – Possible, but we highly recommend that partners have an interface to view snapshots of Amazon WorkSpaces desktops using this API operation.
  • MigrateWorkspace – Possible, but we highly recommend that partners have an interface to migrate an Amazon WorkSpaces desktop from one bundle to another using this API operation.
  • ModifyWorkspaceCreationProperties – Possible, but we highly recommend that partners have an interface to modify the following properties:
    • CustomSecurityGroupId
    • DefaultOu
    • EnableInternetAccess
    • EnableMaintenanceMode
    • EnableWorkDocs
    • UserEnabledAsLocalAdministrator
  • ModifyWorkspaceProperties – Possible, but we highly recommend that partners have an interface to modify the following properties:
    • ComputeTypeName
    • RootVolumeSizeGib
    • RunningMode (can change to MANUAL)
    • RunningModeAutoStopTimeoutInMinutes
    • UserVolumeSizeGib
  • ModifyWorkspaceState – Required.
  • RebootWorkspaces – Required.
  • RebuildWorkspaces – Required.
  • RestoreWorkspace – Required.
  • StartWorkspaces – Required.
  • StopWorkspaces – Required.
  • UpdateWorkspaceBundle – Required.
  • UpdateWorkspaceImagePermission – Possible, but we highly recommend that partners have an interface to modify these properties.
• Termination
  • DeleteTags – Possible.
  • DeleteWorkspaceBundle – Required.
  • DeleteWorkspaceImage – Required.
  • DeregisterWorkspaceDirectory – Required.
  • TerminateWorkspaces – Required.

Solution deployment guide example

As a partner who is building a solution using Amazon WorkSpaces Core, it's your responsibility to document how your customers can deploy your solution to their environments. We recommend that you create a deployment guide with the following suggested table of contents. Some topics might not be relevant to your solution, so revise the topics as necessary.

It's also a good practice to link to other AWS documentation where relevant. For example, refer your customers to the Amazon WorkSpaces Administration Guide for sections related to Bring Your Own License (BYOL) image import, directory setup, and virtual private cloud (VPC) setup. Specific details of your deployment guide and steps will vary, depending on the level of integration of your solution with the WorkSpaces API, and what steps customers must take manually using the AWS Management Console or AWS Command Line Interface.

As a partner, you're responsible for hosting and publishing the deployment guides on your website. Amazon WorkSpaces Core can link to these guides from the WorkSpaces Core Partners section at Amazon WorkSpaces Core, where customers can easily find them.

Following is a suggested table of contents for an Amazon WorkSpaces Core solution deployment guide:
• Chapter 1: Introduction
• Chapter 2: Getting started
  • Overview
  • Setting up security groups
  • Configuring the directory services security group
  • Configuring a VPC
• Chapter 3: Installing <your service> in Amazon EC2
  • Required AWS permissions
  • Launching a connection broker instance
  • Upgrading the <your service> connection broker
  • Launching a <your service> gateway instance
  • Obtaining your <your service> license
• Chapter 4: Preparing WorkSpaces Core images
• Chapter 5: Integrating with your AWS infrastructure
  • Connecting to your Amazon directory services
  • Connecting to your Amazon WorkSpaces account
  • Attaching the <your service> gateway to a connection broker
• Chapter 6: Launching new workspaces
  • Loading users
  • Deploying new workspaces
• Chapter 7: Connecting users to WorkSpaces
  • Amazon WorkSpaces pools
  • Protocol plans
  • Power control plans
  • Release plans
  • Building user policies
  • Assigning policies to users
  • Testing your connection broker configuration
  • Connecting to WorkSpaces

Document history for the Amazon WorkSpaces Core Technology Partner Integration Guide

The following table describes the documentation releases for Amazon WorkSpaces Core.

Change            Description                                                                          Date
Initial release   Initial release of the Amazon WorkSpaces Core Technology Partner Integration Guide.   September 20, 2023
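The MANUAL running mode described under "Deploy Amazon WorkSpaces Core desktops" leaves power management to the partner broker, so a broker needs a rule for when to call StopWorkspaces. The following is an added example, not AWS code: it reads the real DescribeWorkspaces field names but uses constructed workspace IDs, timestamps and broker session records, and the idle rule and the untracked-workspace check are this example's own.

```python
"""Added example, not AWS code: power management for Amazon WorkSpaces Core
desktops in the MANUAL running mode. In MANUAL mode the partner solution, not
AWS, decides when to call StartWorkspaces/StopWorkspaces; the customer is
charged for each hour a workspace sits in AVAILABLE, and AWS force-stops it
only after 48 hours or more. The DescribeWorkspaces fields used here are the
real ones; workspace IDs, timestamps and broker session records are constructed."""
from datetime import datetime, timedelta, timezone
from typing import Dict, List

FORCE_STOP_AFTER = timedelta(hours=48)   # from the guide's note on MANUAL mode
EXAMPLE_NOW = datetime(2023, 9, 20, 12, 0, tzinfo=timezone.utc)   # constructed


def constructed_describe_workspaces() -> dict:
    """Shape of a DescribeWorkspaces response; the IDs are constructed."""
    def ws(ws_id, user, state, mode):
        return {"WorkspaceId": ws_id, "UserName": user, "State": state,
                "WorkspaceProperties": {"RunningMode": mode}}
    return {"Workspaces": [
        ws("ws-exampl0001", "alice", "AVAILABLE", "MANUAL"),
        ws("ws-exampl0002", "bob", "AVAILABLE", "MANUAL"),
        ws("ws-exampl0003", "carol", "AVAILABLE", "MANUAL"),
        ws("ws-exampl0004", "dave", "STOPPED", "MANUAL"),
        ws("ws-exampl0005", "erin", "AVAILABLE", "ALWAYS_ON"),
        ws("ws-exampl0006", "frank", "AVAILABLE", "MANUAL"),
    ]}


def constructed_broker_records(now: datetime) -> Dict[str, dict]:
    """The partner broker's own per-workspace state (assumed; DescribeWorkspaces
    reports neither start times nor user sessions)."""
    def hours_ago(n):
        return now - timedelta(hours=n)
    return {
        "ws-exampl0001": {"started_at": hours_ago(2), "last_activity": hours_ago(0.1), "session_active": True},
        "ws-exampl0002": {"started_at": hours_ago(6), "last_activity": hours_ago(3.5), "session_active": False},
        "ws-exampl0003": {"started_at": hours_ago(60), "last_activity": hours_ago(0.2), "session_active": True},
        # ws-exampl0006 is running, but the broker has no record of it
    }


def plan_power_actions(response: dict, broker: Dict[str, dict], now: datetime,
                       idle_limit: timedelta) -> Dict[str, List[str]]:
    """Sort MANUAL workspaces into stop / keep / untracked.

    A workspace is stopped when no user session is active and it has been idle
    for idle_limit or longer, or when it has run long enough that the 48-hour
    force-stop is imminent (stopping it under the broker's control avoids
    cutting a session at an arbitrary moment). Running workspaces the broker
    does not know about are reported for review rather than acted on."""
    plan: Dict[str, List[str]] = {"stop": [], "keep": [], "untracked": []}
    for ws in response["Workspaces"]:
        if ws["WorkspaceProperties"].get("RunningMode") != "MANUAL":
            continue                          # ALWAYS_ON is not hourly-managed here
        if ws["State"] != "AVAILABLE":
            continue                          # only AVAILABLE hours are charged
        ws_id = ws["WorkspaceId"]
        record = broker.get(ws_id)
        if record is None:
            plan["untracked"].append(ws_id)
            continue
        running_for = now - record["started_at"]
        idle_for = now - record["last_activity"]
        if running_for >= FORCE_STOP_AFTER:
            plan["stop"].append(ws_id)
        elif not record["session_active"] and idle_for >= idle_limit:
            plan["stop"].append(ws_id)
        else:
            plan["keep"].append(ws_id)
    return plan


def hours_available(record: dict, now: datetime) -> int:
    """Whole hours this workspace has been running since the broker started it."""
    return int((now - record["started_at"]).total_seconds() // 3600)


def run_example() -> Dict[str, List[str]]:
    return plan_power_actions(constructed_describe_workspaces(),
                              constructed_broker_records(EXAMPLE_NOW),
                              EXAMPLE_NOW, idle_limit=timedelta(hours=1))


if __name__ == "__main__":
    # In a real broker, each ID in plan["stop"] is passed to StopWorkspaces.
    print(run_example())
```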
Computer Security and Control Objectives

List of Control Objectives

Please find enclosed several control objectives that should help meet the minimum level of security and control of a computer network.

A. Desktop
∙ The user should be required to sign on to their computer with a user ID and password.
∙ The password for any server other than the personal computer should not be stored on the personal computer in any file in any format.
∙ Directories and files on the personal computer should be restricted to authorized users only.
∙ A legal notice should be displayed to inform the user of the sensitive nature of the information and their responsibility to keep it safe.
∙ The last authenticated user should not be displayed on the sign-on screen.
∙ A system policy should be in place that prevents the sharing of resources on the local Windows 95 workstation.
∙ A user policy should be applied to the Domain Users group which removes any common icon groups from the Start Menu.
∙ A standard security and control configuration should be established and approved by management. Enforcement of the standard configuration should be controlled by a network management product through periodic inventory control.
∙ Standard applications should be established to reduce the errors and omissions that occur when supporting multiple end-user configurations. In addition, the establishment of a standard application environment on the desktop should reduce the support and maintenance effort required.
∙ For the best overall security, the Windows NT 4.0 Workstation operating system should be the recommended standard.

B. File Servers
∙ Should be physically secured.
∙ Corporate authentication standards should be met:
  ∙ Challenge Handshake Authentication Protocol (CHAP)
  ∙ Password length of at least 8 characters
  ∙ Password aging of 30 days
  ∙ Password minimum age of 1 day
  ∙ Password construction of a mixture of alphabetic and numeric characters
  ∙ Password history file is established
  ∙ Invalid sign-on attempts of 3, with the user account being locked after reaching this threshold
  ∙ Reset invalid sign-on attempts after 1440 minutes (one day)
  ∙ Lockout duration of 3 days
  ∙ Lockout of user accounts for inactivity
  ∙ Re-evaluation of a user's privileges when a user's job status changes
∙ Corporate authorization standards should be met:
  ∙ Guest account should be disabled
  ∙ The Administrator user account should be protected by passprop (Resource Kit), which forces the Administrator account to lock after the same number of invalid attempts as any normal user. The difference is that even in this case the Administrator account can still sign on at the system console.
  ∙ The Everyone group should have restricted directory access
  ∙ All other users and groups should only have the directory and file permissions required by their job responsibilities
  ∙ NTFS should be installed
  ∙ All group accounts should only have valid users as their members
  ∙ All user rights should be restricted to users that require this level of responsibility for their job function
  ∙ Trusted Domains should be used sparingly
  ∙ All services should be removed unless required to operate the server
  ∙ Configure the protocol bindings between TCP/IP, NetBIOS, and the Server and Workstation services. By removing the bindings between NetBIOS and TCP/IP, the native file sharing services will not be accessible via TCP/IP and hence the Internet. These and other NetBIOS services will still be accessible via a local LAN-specific, non-routable protocol (e.g., NetBEUI).
∙ Corporate accountability standards should be met:
  ∙ Adequate audit trails should be established for:
    ∙ Logons and logoffs
    ∙ File and object access
    ∙ User and group management
    ∙ Security policy changes
∙ Change control
  ∙ All changes to the operating environment should be properly tested and documented
∙ Backup
  ∙ An adequate backup schedule should be established
  ∙ Backup files should be stored in a secured off-site location
∙ Contingency planning
  ∙ An adequate contingency plan that allows the file server and the associated applications to be restored within a reasonable time frame (determined by a risk analysis and management approval)
∙ Service Packs
  ∙ Ensure that there is a mechanism to ensure that all devices, including the file server, have the latest patches/service packs

C. LAN & WAN
∙ Information that travels over the network should be classified as to its level of sensitivity. Based on this classification, the network transmission should not permit the transfer of clear-text sensitive data. This would include:
  ∙ Passwords
  ∙ Legal documents
  ∙ Data that is protected by state or federal law
∙ Where possible, sensitive data transfer should be protected by using one of the following:
  ∙ CHAP - for user ID and password authentication
  ∙ Secured hubs
  ∙ Encryption
  ∙ Cisco's IPSec technology
∙ Redundancy should be built into the network to allow for uninterrupted network services.
∙ Vendor access should be clearly defined and controlled:
  ∙ Secured sign-on
  ∙ Audit trail of activity
  ∙ No administration rights on the production server
  ∙ No generic passwords (individual accountability)
∙ Controls should be in place to prevent session hijacking.

D.
Network Components∙ All network components should met the following control objectives: ∙ Secured authentication (CHAP) for remote administration∙ Proper security configuration∙ SNMP alarms∙ Access Control List (ACLs) if appropriate∙ Audit trail of configuration changes∙ Change control for configuration changes∙ Testing∙ Backup copy∙ Secured dialup access (CHAP) if present∙ Physically secured to prevent theft or unauthorized accessE. Firewall∙ The installed firewall(s) should met the following control objectives: ∙ Secured authentication (CHAP) for remote administration∙ Restricted list of users that can administrate the firewall ∙ Proper security configuration∙ Rules∙ Self security checks such as Tripwire∙ Audit trails of configuration changes∙ Change control for configuration changes∙ Testing∙ Backup copy∙ Operational configuration∙ Connection tracking∙ Prevention of IP Spoofing and denial of service attacks∙ Prevention of access to host computers by IP address∙ Restriction to only required services∙ Single point of network entry∙ Violation reporting of unauthorized users∙ Real time alerts of security breachesF. Proxy∙ The installed proxy(ies) should met the following control objectives: ∙ Secured authentication (CHAP) for remote administration∙ Restricted list of users that administrate the proxy∙ Proper security configuration∙ Rules∙ Self security checks such as Tripwire∙ Audit trails of configuration changes∙ Change control for configuration changes∙ Testing∙ Backup copy∙ Operational configuration∙ Connection tracking∙ Prevention of IP Spoofing∙ Prevention of access to host computers by IP address∙ Restriction to only required services∙ Blocking unwanted sitesF. 
Remote Communication Server∙ Secured administration authentication process (CHAP)∙ Secured user authentication process (CHAP)∙ Should met the authentication standards of the organization ∙ Should be physically secured∙ Should contain audit trails of changes to configuration∙ Change control for configuration changesG. Single Sign On∙ The bank should implement, if at all possible, a single sign on solution for end users∙ CiscoSecure may have the capability to meet this objectiveH. Host Access∙ All host access should use a secure authentication process (CHAP)∙ All host access should meet the authentication standards of the Bank∙ Only authorized users should have access to host applications∙ All host access should contain an adequate audit trail by user of their activities on the host.I. Change Control∙ The bank should establish an adequate change control policy for the complete production environment.∙ This would include the separation of the following environments:∙ Development∙ Test (Quality Assurance)∙ Production∙ Testing standards should be developed to ensure that any change is adequately tested and that proper test coverage is completed prior to the movement to theproduction environment.J. Incident Reporting∙ An incident reporting system should be established for all production:∙ Outages∙ Problems∙ The incident reporting system should tract both the problem and the resolution of the problem.K. Physical Security∙ All computers and components should have an inventory control number∙ A database of each components location should be established∙ Any critical component should be physically securedL. Contingency Planning∙ A risk analysis to determine the following risk factors should be completed: ∙ Sensitivity Risk∙ Sensitive data∙ Data protected by laws∙ Criticality Risk∙ Availability of data and the impact to the BankM. 
Dynamic Alarms∙ Alarms should be established to determine the following:∙ Changes to any security configuration for any device∙ Attacks∙ Insider∙ Outsider∙ Trend analysis should be used by collecting the audit files and looking for suspicious activity∙ REAL Secure is a product that can be configured to check for certain type of attacks.N. Audit Reporting∙ Adequate audit reports need to be designed into each device to allow for the complete and proper review of the current configuration evolution process.∙ Audit reporting should be dynamic on sensitive devices and manual on others.∙ Tailored reports may be required to meet audit objectives which include but are not limited to:∙ Access control reports∙ Who access what, when including Internet access∙ Integrity reports that demonstrate that any process or change to aprocess what properly tested to ensure that it only performs the activityrequired by its function.∙ Output control∙ Who receives what report(s) that are sensitive? How are spoolscontrolled to prevent unauthorized users from seeing or changingsensitive reports?∙ Audit trails of any change to the network by delineating the who, why, when, what was changed on a specific device.∙ The Axent product may provide many of the audit and security reports for the NT, Novell, and Unix environments.∙ Key Audit and Security Reports∙ Daily Attack Report - a daily report of any suspicious internal or external attack.∙ Daily violation report - This report should be compilation of all violation attempts to any network device. This report should be available forreview if requested by Auditing. The daily review of this report would bethe responsibility of the Security Administrator or System/NetworkAdministrator.∙ Daily change log - This report should be a compilation of all changes to the devices within the network∙ Daily incident report - This report would indicate any operationalproblems that occur with the network. 
This would include all of thenetwork devices and their operational status. A timely resolution reportwith appropriate solution sets should follow or be included as part of thereport.O. Security Certification∙ A secured configuration based should be established for each device and the system should automatically identify any new device.∙ Any new device would be immediately interrogated to ensure that it meets the minimum security and control requirements of the BankP. Port Filtering∙ A complete listing of all ports that are listening should be compiled∙ Using a port listening tool to accomplish this task, any unnecessary port should be turned off.∙ This tool should be run on a scheduled basis∙ Port filtering should be installed for sensitive listening programIIS∙ Ensure that there is limited administration access to maintain the IIS servers∙ Ensure that any special services running on the server are required∙ Ensure that proper authentication standards are being met for system administration to the server∙ Ensure that all maintenance activity is properly recorded∙ Ensure that any configuration changes are properly tested and approved∙ Ensure that the proper sheets for configuration are established∙ Property Sheets∙ Service - the following services should be set∙ Connection Timeout∙ Maximum Connections∙ Anonymous Logon∙ Username∙ Password∙ Password Authentication∙ Allow Anonymous∙ Windows NT Challenge/Response∙ Directories∙ Directories allowed∙ Enable Default Document∙ Directory Browsing Allowed∙ When adding a new directory you can Edit Properties which allows you to set:∙ Alias∙ Account Information - User Name & Password∙ Virtual Server∙ Access Rights∙ Read Execute Secured Socket Layer (SSL)∙ Logging∙ Enable Logging∙ Log To File∙ Automatically Log to SQL/ODBC DBMS∙ Log file directory∙ Log file name∙ Advanced∙ Access IP Address Subnet Mask∙ Limit Network Use by all Internet Services on this computer ∙ Backup files should be secured if sensitive data such as encrypted 
passwords are on the files.Q. MicroSoft's Exchange∙ Exchange Security∙ Using NT security as it basis.∙ Advanced Security∙ Signing∙ This technique uses a digital signature on a message to certify the message's origin.∙ Sealing (Encryption)∙ This process scrambles the contents of a message to make it difficult for anyone without a decryption key to read it.∙ You can configure advanced security settings for clients by opening the Options menu and clicking the Security tab.∙ Security Options∙ Encrypt Message Contents and Attachments∙ Add Digital Signature to Message∙ Logoff Security∙ Turns off password prompt∙ Set Up Advanced Security∙ Permissions∙ Mailbox Permission∙ More than one or user account can have permission on a∙ mailbox∙ Public Folder Permission∙ Permission to access public folder can be granted by the owner of a public folder.∙ Directory Permissions∙ Permissions to use the directory are granted to Windows NT useraccounts.∙ Auditing∙ All audited events are recorded in NT's Event Log.R. Gateways∙ Ensure that there is limited administration access to maintain these servers∙ Ensure that any special services running on the server are required∙ Ensure that proper authentication standards are being met for system administration to the server∙ Ensure that all maintenance activity is properly recorded∙ Ensure that any configuration changes are properly tested and approved∙ Ensure that any connection logging does not record the user id and password of the connection in clear text. If it does ensure that these passwords areencrypted or removed from the log file.∙ Backup files should be secured if sensitive data such as encrypted passwords are on the files.S. 
Directory Servers∙ Ensure that there is limited administration access to maintain these servers.∙ Ensure that any special services running on the server are required∙ Ensure that proper authentication standards are being met for system administration to the server∙ Ensure that all maintenance activity is properly recorded∙ Ensure that any configuration changes are properly tested and approvedT. SQL/Server∙ A risk analysis to determine where the sensitive data is located should be performed∙ All default user ids and passwords should be changed∙ Limit the number of Database administrators∙ Ensure that users only have access to tables that are required by their job responsibilities∙ Ensure that users only have the privileges to these tables based on their job responsibilities∙ Ensure that all direct connect programs are authorized to perform the connect ∙ Ensure that all direct connect programs meet the authentication standards of the Bank∙ Ensure that all connections to the database provide the actual user id that is performing the activity/transaction to allow for a proper audit trail.∙ No generic user ids and passwords∙ No public defined access∙ Meets authentication standardsU. H.P. OpenView∙ Security/Operational alarms/reports should be established such as:∙ Complete network diagram of logical components with addresses and contact points∙ Alarms of violation attacks for network components∙ Alarms for network errors to help ensure the reliability of the network∙ Alarms for personal computer configuration changes∙ Alarms for changes within the network∙ End-to-end management of all components of a business process including application and operating system software, database and transaction systems,servers and mainframes, and wide area and local network elements should bemonitored as a unit.∙ Service level agreements should be established to help to meet user's expectations.∙ Any RMON, RMON-2 devices should be used to track and troubleshoot the network components. 
This devices, if independent, should be properlysecured by conforming to the authentication standards of the Bank ∙ Multiple levels of reports based on the availability of available products such as the SMS, Optivity, HP-OpenView, and CiscoWorks should be establishedusing the Web technology for secured browsing. This would allow for eventcorrelation and de-duplication of events.∙ The use of these platforms for software distribution and inventory services as well as file, print, and user administration functions.V. Optivity∙ SNMP alarms established to notify security of any attacksW. System Management Server (SMS)∙ Ensure that SMS is set to provide inventory control of the desktop∙ Ensure that the remote control mode is properly secured∙ Ensure that remote administration of the user's registries is properly secured to authorized administrator only.∙ Ensure that proper audit reports are generated for the distribution of software to the workstations.X. ActiveX and Java∙ ActiveX should be discouraged if possible. If not, third party products to protect the ActiveX execution. Products such as Finjan, which inspect theActiveX and java, contents at the Internet gateway level. Other products suchas Digitivity detects incoming applets and then uploads a proxy applet to theuser rather than the original applet. Then, the proxy connects with thecompany's CageServer product, which runs the java applets. This meanswhenever a user downloads an applet from the Web, the code is diverted to aseparate server instead of going to the user. Another company Security-7Software makes a product called SafeGate, which performs real-time analysisof java and ActiveX∙ As a minimum the browser should be set to allow for the following checks: ∙ Byte code verification∙ Class loader∙ Java security manager∙ Digital signatures and Certificate AuthorityY. 
Viruses∙ A comprehensive virus detection system should be in place to include: ∙ Email attachments∙ New files/programs on the desktop∙ New files/programs on the serverZ. In all of this there should be a clear security policy that delineates management's objectives for the Bank. This policy would be the drivingforce to establish detail procedures and guidelines for the operational staff.∙ A code of conduct should be available and signed by each employee, which will delineate their security responsibilities including the use of the Internet. AA. Other products that may aid in the security and control of the network ∙ Site Scan - Monitors environment equipment. Air conditioning, UPS's battery, Halon∙ Missing Link - Monitors IPX traffic for the Novell file servers connected to the LAN∙ BMC - Is a database monitoring tool that reports performance on database queries.BB. System Administration∙ All activity to any network device by any administrator should be tracked in an audit file.CC. Other products already recommended by Kevin∙ Our preliminary review of the network design by Kevin Mr. Kasperek takes into consideration many of the security and control issues facing the industrytoday. His overall design is quite sound and insightful on the issues ofsecurity and control. His solution for VPNs and Internet traffic appears tomeet many of the control concerns that are present with the use of Internetaccess.∙ Internet Scanner Toolset - is an excellent set of programs that will identify vulnerabilities within the Bank's networked environment. These tools shouldbe run on periodic bases including each time a major change is concludedwithin the environment.。
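The sign-on thresholds in section B (three invalid attempts lock the account, the attempt counter resets after 1440 minutes, lockout lasts three days, and a locked Administrator may still sign on at the system console) and the daily violation report of section N, worked through together as an added example. This is not code from the control-objectives document or from any product it names. The audit-log line format, the host and user names, and the functions `parse_line`, `LockoutPolicy` and `daily_violation_report` are all constructed for this example; the failure counter is reset only by the 1440-minute window, as the document specifies, and a successful logon does not clear it.

```python
"""Sign-on lockout policy and daily violation report.

Added example, not part of the control-objectives document. The audit-log
line format below is constructed for the example; real products log
differently, so only parse_line() would change for a real source.
"""
from __future__ import annotations

import re
from collections import defaultdict
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Thresholds from section B (File Servers) of the control objectives.
MAX_INVALID_ATTEMPTS = 3                  # lock the account on the third failure
RESET_WINDOW = timedelta(minutes=1440)    # failures older than one day no longer count
LOCKOUT_DURATION = timedelta(days=3)

# Constructed audit-log format:
# <ISO time> <host> <event> user=<id> src=<addr|console> result=<ok|fail>
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) (?P<event>LOGON|LOGOFF|POLICY_CHANGE) "
    r"user=(?P<user>\S+) src=(?P<src>\S+) result=(?P<result>ok|fail)$"
)

# Constructed sample log (deliberately not in time order; one unparsable line).
SAMPLE_LOG = """\
2024-03-04T08:01:00 FS01 LOGON user=jsmith src=10.1.1.20 result=fail
2024-03-04T08:01:30 FS01 LOGON user=jsmith src=10.1.1.20 result=fail
2024-03-04T08:02:00 FS01 LOGON user=jsmith src=10.1.1.20 result=fail
2024-03-04T08:02:30 FS01 LOGON user=jsmith src=10.1.1.20 result=ok
2024-03-04T09:00:00 FS01 LOGON user=Administrator src=10.1.1.99 result=fail
2024-03-04T09:00:10 FS01 LOGON user=Administrator src=10.1.1.99 result=fail
2024-03-04T09:00:20 FS01 LOGON user=Administrator src=10.1.1.99 result=fail
2024-03-04T09:05:00 FS01 LOGON user=Administrator src=console result=ok
2024-03-04T10:00:00 FS01 LOGON user=mjones src=10.1.1.31 result=fail
2024-03-05T10:30:00 FS01 LOGON user=mjones src=10.1.1.31 result=fail
2024-03-05T10:31:00 FS01 LOGON user=mjones src=10.1.1.31 result=fail
2024-03-04T11:00:00 FS01 POLICY_CHANGE user=Administrator src=console result=ok
garbage line that does not parse
"""


@dataclass
class Event:
    ts: datetime
    host: str
    event: str
    user: str
    src: str
    result: str


def parse_line(line: str) -> Event | None:
    """Parse one audit-log line; return None for lines in another format."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return Event(datetime.fromisoformat(m["ts"]), m["host"], m["event"],
                 m["user"], m["src"], m["result"])


@dataclass
class AccountState:
    failures: list = field(default_factory=list)   # timestamps of recent invalid attempts
    locked_until: datetime | None = None


class LockoutPolicy:
    """Applies the section B thresholds to LOGON events, one account at a time."""

    def __init__(self):
        self.accounts = defaultdict(AccountState)
        self.violations = []   # lines for the daily violation report (section N)

    def is_locked(self, user: str, now: datetime) -> bool:
        st = self.accounts[user]
        return st.locked_until is not None and now < st.locked_until

    def record(self, ev: Event) -> str:
        """Disposition of a LOGON event: allowed, failed, locked or denied-locked."""
        st = self.accounts[ev.user]
        stamp = f"{ev.ts:%Y-%m-%d %H:%M} {ev.host} {ev.user} from {ev.src}"
        if self.is_locked(ev.user, ev.ts):
            # passprop behaviour (section B): a locked Administrator can still
            # sign on at the system console; every other attempt is refused,
            # even one with the correct password.
            if ev.user == "Administrator" and ev.src == "console" and ev.result == "ok":
                return "allowed"
            self.violations.append(f"{stamp}: attempt while account locked")
            return "denied-locked"
        if ev.result == "ok":
            return "allowed"
        # Only failures inside the reset window count towards the threshold.
        st.failures = [t for t in st.failures if ev.ts - t < RESET_WINDOW]
        st.failures.append(ev.ts)
        self.violations.append(f"{stamp}: invalid sign-on ({len(st.failures)} of {MAX_INVALID_ATTEMPTS})")
        if len(st.failures) >= MAX_INVALID_ATTEMPTS:
            st.locked_until = ev.ts + LOCKOUT_DURATION
            st.failures.clear()
            self.violations.append(f"{stamp}: account locked until {st.locked_until:%Y-%m-%d %H:%M}")
            return "locked"
        return "failed"


def daily_violation_report(log_text: str) -> dict:
    """Build the section N daily violation report from raw audit-log text."""
    lines = [l for l in log_text.splitlines() if l.strip()]
    parsed = [(l, parse_line(l)) for l in lines]
    unparsed = [l for l, ev in parsed if ev is None]   # reviewed, never silently dropped
    events = sorted((ev for _, ev in parsed if ev), key=lambda e: e.ts)  # log order != time order
    policy = LockoutPolicy()
    dispositions, changes = [], []
    for ev in events:
        if ev.event == "LOGON":
            dispositions.append((ev.user, ev.ts, policy.record(ev)))
        elif ev.event == "POLICY_CHANGE":   # section M: security configuration change alarm
            changes.append(f"{ev.ts:%Y-%m-%d %H:%M} {ev.host}: security policy changed by {ev.user} from {ev.src}")
    locked = {u: st.locked_until for u, st in policy.accounts.items() if st.locked_until}
    return {"dispositions": dispositions, "violations": policy.violations,
            "locked": locked, "changes": changes, "unparsed": unparsed}


if __name__ == "__main__":
    for line in daily_violation_report(SAMPLE_LOG)["violations"]:
        print(line)
```

Two of the constructed accounts show the edge cases the thresholds create: jsmith is refused on the fourth attempt even though the password is now correct, because the lock from the third failure is still in force, while mjones is never locked because the first failure fell outside the 1440-minute window before the next two arrived. Events are sorted by timestamp before evaluation, since log files are not guaranteed to be in time order, and lines that do not parse are carried into the report rather than discarded.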
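The scheduled listening-port check of section P, together with the approved configuration baseline of section O, as an added example that is not part of the control-objectives document. The `netstat -an` output and the file-server baseline are constructed for this example (the parser follows the column layout of Windows `netstat -an`); `parse_netstat`, `compare_to_baseline` and `run_check` are names chosen here.

```python
"""Scheduled listening-port baseline check.

Added example, not part of the control-objectives document. The netstat
output and the approved baseline below are constructed for the example.
"""
from __future__ import annotations

from dataclasses import dataclass

# Constructed `netstat -an` output for a file server.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:139            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    10.1.1.5:445           10.1.1.20:1044         ESTABLISHED
  UDP    0.0.0.0:137            *:*
  UDP    0.0.0.0:138            *:*
  UDP    0.0.0.0:161            *:*
"""

# Approved (proto, port) baseline for the file-server role. Constructed here;
# in practice this is the management-approved standard configuration.
FILE_SERVER_BASELINE = {
    ("TCP", 135), ("TCP", 139), ("TCP", 445), ("TCP", 3389),
    ("UDP", 137), ("UDP", 138),
}

LOOPBACK = {"127.0.0.1", "::1", "[::1]"}


@dataclass(frozen=True, order=True)
class Listener:
    proto: str   # "TCP" or "UDP"
    port: int
    bind: str    # local address the socket is bound to


def parse_netstat(text: str) -> set[Listener]:
    """Extract listening sockets. TCP sockets count only in state LISTENING;
    UDP sockets carry no state, so every bound UDP socket is a listener."""
    found = set()
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] not in ("TCP", "UDP"):
            continue   # header, blank line or unknown protocol
        proto, local = parts[0], parts[1]
        if proto == "TCP" and (len(parts) < 4 or parts[3] != "LISTENING"):
            continue   # established or closing connections are not listeners
        bind, _, port = local.rpartition(":")   # works for 0.0.0.0:80 and [::]:80
        if port.isdigit():
            found.add(Listener(proto, int(port), bind))
    return found


def compare_to_baseline(observed: set[Listener], approved) -> dict:
    """Split listeners into those outside the baseline (by exposure) and
    report approved services that are not running."""
    approved = set(approved)
    unexpected = [l for l in observed if (l.proto, l.port) not in approved]
    running = {(l.proto, l.port) for l in observed}
    return {
        # bound to a non-loopback address: reachable from the network, review first
        "exposed": sorted(l for l in unexpected if l.bind not in LOOPBACK),
        # loopback-only listeners still need a justification, but are lower risk
        "local_only": sorted(l for l in unexpected if l.bind in LOOPBACK),
        # an approved service that is missing may mean a failed or tampered service
        "missing": sorted(approved - running),
    }


def run_check(text: str = SAMPLE_NETSTAT, baseline=FILE_SERVER_BASELINE) -> dict:
    """One scheduled run: capture, parse, compare, report."""
    return compare_to_baseline(parse_netstat(text), baseline)


if __name__ == "__main__":
    for section, items in run_check().items():
        print(section, items)
```

On the constructed output the run flags TCP 1433 and UDP 161 as unexpected listeners reachable from the network, TCP 8080 as an unexpected loopback-only listener, and TCP 3389 as an approved service that is not running; the established connection on port 445 is correctly ignored. Scheduling the check and diffing each run against the last one gives the "new listening port" alarm that section M asks for.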
Introduction to Modern Cryptography (book)
Introduction to Modern Cryptography

Introduction

Cryptography plays a crucial role in ensuring the security of communication and data transmission in the modern digital world. With the increasing prominence of cyber attacks and the need for secure online transactions, it is essential to have a solid understanding of modern cryptography. This article provides a comprehensive overview of the book “Introduction to Modern Cryptography,” exploring its main topics and discussing their significance in today’s society.

The Importance of Cryptography

Cryptography is the science of encoding and decoding information to protect its confidentiality, integrity, and authenticity. In an era where sensitive information is constantly transmitted over the internet, cryptography is crucial for maintaining privacy and preventing unauthorized access. It provides a framework that protects data from interception or alteration during transmission, ensuring secure communication and information security.

History of Cryptography

Before diving into modern cryptography, it is important to understand its historical roots. Cryptography can be traced back to ancient civilizations, where secret codes and ciphers were used to protect messages during wars and conflicts. From the Caesar cipher to the Enigma machine, various encryption methods have been developed throughout history. The evolution of cryptography led to the birth of modern cryptographic algorithms and protocols, which are the focus of this book.

Symmetric Key Cryptography

Symmetric key cryptography, also known as secret key cryptography, is one of the fundamental building blocks of modern cryptography. It involves the use of a shared secret key by both the sender and the receiver to encrypt and decrypt messages. This section of the book covers symmetric key algorithms, including DES and AES, and their properties, such as key length and block size. Additionally, it explores modes of operation, like ECB, CBC, and counter mode, and their impact on confidentiality and integrity.

Asymmetric Key Cryptography

Asymmetric key cryptography, also known as public key cryptography, revolutionized the field of cryptography by introducing a new paradigm in which the two keys of a key pair are used for encryption and decryption respectively. The book delves into asymmetric key algorithms, such as RSA and Elliptic Curve Cryptography (ECC), discussing their mathematical foundations and practical applications. It also explores the concept of digital signatures and the role of public key infrastructure (PKI) in establishing trust and authenticity.

Cryptographic Hash Functions

Cryptographic hash functions are essential tools in modern cryptography as they provide data integrity and can verify the authenticity of information. This section of the book covers various hash algorithms like MD5, SHA-1, and SHA-256, explaining their properties, collision resistance, and the potential vulnerabilities of weaker hash functions. It also discusses practical applications, such as password hashing and digital certificates.

Key Management and Distribution

The secure distribution and management of cryptographic keys are critical aspects of modern cryptography. This book explores key distribution techniques, including Diffie-Hellman key exchange and key agreement protocols, such as the Station-to-Station (STS) protocol. It also discusses key management practices, such as key generation, storage, and revocation, emphasizing the importance of secure key management systems in maintaining the confidentiality and integrity of encrypted data.

Cryptographic Protocols and Applications

Cryptographic protocols play a vital role in securing various applications and network communications. The book covers protocols like SSL/TLS for secure web browsing, IPsec for secure network communication, and SSH for secure remote access. It explains the underlying cryptographic mechanisms used in these protocols and discusses their strengths and weaknesses. Additionally, it explores emerging applications like secure multiparty computation and homomorphic encryption.

Conclusion

“Introduction to Modern Cryptography” provides a comprehensive exploration of the field, offering a solid foundation for understanding the principles and applications of modern cryptography. By studying this book, readers can gain valuable insights into the mathematical and practical aspects of cryptography and learn how to apply cryptographic techniques to protect sensitive information in the digital age. Cryptography continues to evolve, and this book serves as an excellent starting point for anyone aspiring to delve further into this fascinating field.
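The Diffie-Hellman key exchange named in the Key Management and Distribution section, worked through with both parties' messages as an added example. This is not code from the book or from this summary. The group parameters `P` and `G` are demonstration choices (P = 2^255 - 19 is prime, but it is not a standardized DH group; deployments use the RFC 3526 or RFC 7919 MODP groups), and `generate_keypair`, `check_public_value`, `derive_key`, `confirmation_tag` and `run_exchange` are names chosen here. Key derivation hashes the raw shared secret together with the transcript, and a key-confirmation MAC lets each side check that the other derived the same key.

```python
"""Diffie-Hellman key agreement with transcript binding and key confirmation.

Added example, not from the book or the summary above. Parameters are for
demonstration; use a standardized MODP group (RFC 3526 / RFC 7919) in practice.
"""
import hashlib
import hmac
import secrets

P = 2**255 - 19   # prime, demonstration modulus only (not a standardized group)
G = 2             # conventional generator choice
NBYTES = (P.bit_length() + 7) // 8   # 32 bytes; every value mod P fits


def generate_keypair(p: int = P, g: int = G):
    """Return (private exponent x, public value g^x mod p) with 2 <= x <= p-2."""
    x = secrets.randbelow(p - 3) + 2
    return x, pow(g, x, p)


def check_public_value(y: int, p: int = P) -> bool:
    """Reject degenerate public values (out of range, 0, 1 or p-1): they would
    force the shared secret into a tiny, predictable set."""
    return 1 < y < p - 1


def shared_secret(my_private: int, their_public: int, p: int = P) -> int:
    if not check_public_value(their_public, p):
        raise ValueError("invalid peer public value")
    return pow(their_public, my_private, p)


def derive_key(secret: int, transcript: bytes) -> bytes:
    """Hash the raw DH secret with the transcript (both public values) so the
    derived key is bound to this particular exchange."""
    return hashlib.sha256(b"DH-demo-kdf" + secret.to_bytes(NBYTES, "big") + transcript).digest()


def confirmation_tag(key: bytes, role: bytes, transcript: bytes) -> bytes:
    """Key-confirmation MAC: shows the sender holds the same derived key."""
    return hmac.new(key, role + transcript, hashlib.sha256).digest()


def run_exchange():
    """Complete exchange between Alice and Bob.
    Returns (alice_key, bob_key, both_confirmations_verified)."""
    # Message 1, Alice -> Bob: A = g^a mod p
    a, A = generate_keypair()
    # Message 2, Bob -> Alice: B = g^b mod p
    b, B = generate_keypair()
    # Both sides build the same transcript from what was sent on the wire.
    transcript = A.to_bytes(NBYTES, "big") + B.to_bytes(NBYTES, "big")
    key_a = derive_key(shared_secret(a, B), transcript)   # Alice: B^a
    key_b = derive_key(shared_secret(b, A), transcript)   # Bob:   A^b
    # Message 3, Bob -> Alice, and message 4, Alice -> Bob: confirmation tags.
    tag_b = confirmation_tag(key_b, b"B", transcript)
    tag_a = confirmation_tag(key_a, b"A", transcript)
    alice_ok = hmac.compare_digest(tag_b, confirmation_tag(key_a, b"B", transcript))
    bob_ok = hmac.compare_digest(tag_a, confirmation_tag(key_b, b"A", transcript))
    return key_a, key_b, alice_ok and bob_ok


if __name__ == "__main__":
    ka, kb, ok = run_exchange()
    print("keys match:", ka == kb, "confirmed:", ok)
```

The confirmation tags only establish that both ends derived the same key; they say nothing about who the other end is, because nothing in messages 1 and 2 is authenticated. That is the gap the Station-to-Station protocol mentioned in the same section closes by having each party sign the exchanged public values, and why the transcript is included in the key derivation here: a key is then tied to the exact values each side saw.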