Image Security Review Standard V1.0
|
|
- April Robertson
- 6 years ago
- Views:
Transcription
1 Image Security Review Standard V1.0
2 Contents CHAPTER 1 THIRD PARTY COMPONENT SECURITY... 1 APACHE... 1 MYSQL... 1 TOMCAT... 1 OPENSSL... 2 BASH... 2 PHP... 2 NGINX... 2 PROFTPD... 2 CHAPTER 2 CONFIGURATION SECURITY... 3 SSH PASSWORD... 3 DEFAULT SOFTWARE INSTALLATION... 3 PORT CONFIGURATION... 3 WEB CONTAINER SECURITY CONFIGURATION... 3 PHP SECURITY CONFIGURATION... 3 VERSION CONTROL... 4 SECURITY CONFIGURATION... 4 Prohibit Directory Browsing... 4 Delete Dangerous Services... 5 JETTY SECURITY CONFIGURATION STANDARD... 7 VERSION CONTROL... 7 SECURITY CONFIGURATION... 7 Prohibit Directory Browsing... 7 Exception Page Processing... 7 Restrict File Parsing Types... 8 Prohibit Server Version Display... 8 Prohibit CGI I -
3 File Access Control... 8 TOMCAT SECURITY CONFIGURATION... 8 NGINX CONFIGURATION... 9 FTP CONFIGURATION... 9 CHAPTER 3 APPLICATION SECURITY... 9 WEB APPLICATION SECURITY II -
4 Chapter 1 Third Party Component Security Third part components include some popular open-source and non-open-source application components and applications. In order to ensure that the images provided by service providers are secure, the versions and standards of these third-party components must meet the following specifications: Apache Apache 2.0.x versions must be or higher. Apache 2.2.x versions must be or higher. Apache 2.4.x versions must be or higher. Mysql Mysql 5.1.x versions must be or higher. Mysql 5.5.x versions must be or higher. Mysql 5.6.x versions must be or higher. Tomcat Tomcat 6.0.x versions must be or higher. Tomcat 7.0.x versions must be or higher. Tomcat 8.0.x versions must be or higher Tomcat versions 6.x and below are not permitted. (For example, Tomcat 4.x) - 1 -
5 Openssl The Openssl build date must be later than 4/10/2014. (The command to view the build date is openssl version -a) Bash There may be no shellshock vulnerabilities. (Test method: use the command env VAR='() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test". After running the command, if the output is "Bash is vulnerable!", this means Bash is not secure and you must upgrade to the latest version.) PHP PHP 5.2.x versions must be or higher. PHP 5.3.x versions must be or higher. PHP 5.4.x versions must be or higher. PHP 5.5.x versions must be or higher. PHP 5.6.x versions must be or higher. Nginx Nginx 1.4.x versions must be or higher. Nginx 1.5.x versions must be or higher. Nginx 1.6.x versions must be or higher. ProFTPD The ProFTPD version must be higher than
6 Chapter 2 Configuration Security SSH Password 1) The SSH root password of each image instance must be a random password. The initial password must be randomly generated and can be issued through the ECS console system. 2) If the image has a specific username: The SSH password must be randomly generated. Or, the root user is disabled. In this case, after logging in for the first time on SSH using the specific username and the default password, the user is forced to change the default password. Otherwise, the function is disabled. (This is suitable for some firewall-type images and images with customized underlying kernels.) Default Software Installation 1) Under normal circumstances, the image must install Alibaba Cloud Server Guard. Except in special circumstances, the Server Guard software may not be uninstalled without permission. Only if the image cannot install Server Guard (for example, some firewall and gateway images with a customized underlying kernel cannot install Server Guard), it is permissible not to install Server Guard. Port Configuration 1) Ports open to public networks must be screened for the image. Some unneeded ports must not be open to public networks. The image must use iptables for ACL restriction. For instance, the memcache service's port must prohibit connection from the Internet and only allow access by local IPs or IPs on the white list; the mongodb service's port must also prohibit connection from the Internet and only allow access by local IPs or IPs on the white list. Web Container Security Configuration PHP Security Configuration Security Mode: php.ini file modification o safe_mode = on - 3 -
7 o safe_mode_gid = off Disable dangerous functions: o disable_functions=exec,passthru,popen,proc_open,shell_exec,system,phpinfo, assert (except when needed in special cases) Other Configurations Disable error message prompts display_errors = off Display_startup_errors = off Disable global variables register_globals = Off Do not permit dl calling enable_dl = Off Disable remote files allow_url_fopen = Off allow_url_include = Off http only enabled session.cookie_httponly = 1 cookie domain https secure enabled session.cookie_secure = 1 #Suitable PHP redirects cgi.force_redirect = 0 #SQL security mode sql.safe_mode = On Jboss Security Configuration Standard Version Control Standardized configuration management simplifies maintenance costs. Use the following Jboss versions in the production system: or higher. Security Configuration Prohibit Directory Browsing Modify the web.xml file under deploy\jbossdomain\deploy\jbossweb-tomcat55.sar\conf\ to the following: - 4 -
8 <init-param> <param-name>listings</param-name> <param-value>false</param-value> </init-param> Set the "param-value" from the default value 'true' to 'false' Delete Dangerous Services Delete /web-console for Jboss (web-console has a remote code execution vulnerability): Delete root.war in the jboss/server/default/deploy/jbossweb-tomcat55.sar directory Delete jboss/server/default/deploy/management/console-mgr.sar/web-console.war Delete Jboss' /jmx-console web console (jmx-console has a remote code execution vulnerability) Delete jboss/server/default/deploy/jmx-console.war and jmx-console.war files in other directories Delete jboss/server/default/deploy/jbossws.sar/jbossws-context.war and jbossws-context.war files in other directories Delete http-invoker for Jboss (http-invoker has a remote code execution vulnerability) Delete the jboss/server/default/deploy/http-invoker.sar directory Restrict Dangerous Services Set Jboss' Bootstrap JNP and RMI naming services to only allow local access (they have remote code execution vulnerabilities) Modify the content of the jboss-service.xml file in server/default/conf and the jboss-service.xml files in other directories Modify Bootstrap JNP (Port 1099) and RMI naming service (1098) to only allow local access The content should be changed to the following: <mbean code="org.jboss.naming.namingservice" name="jboss:service=naming" - 5 -
9 xmbean-dd="resource:xmdesc/namingservice-xmbean.xml"> <attribute name="callbyvalue">false</attribute> <attribute name="port">1099</attribute> <attribute name="bindaddress"> </attribute> <attribute name="rmiport">1098</attribute> <attribute name="rmibindaddress"> </attribute> <depends optional-attribute-name="lookuppool" proxy-type="attribute">jboss.system:service=threadpool</depends> <depends optional-attribute-name="naming" proxy-type="attribute">jboss:service=namingbeanimpl</depends> </mbean> Here, the default value of "BindAddress" was "${jboss.bind.address}", and is changed to " " Here, the default value of "RmiBindAddress" was "${jboss.bind.address}", and is changed to " " Set the Jboss' RMI/JRMP invoker service to only allow local access (it has a remote code execution vulnerability) Modify the content of the jboss-service.xml file in server/default/conf and the jboss-service.xml files in other directories Modify RMI/JRMP invoker (4444) to only allow local access The content should be changed to the following: <mbean code="org.jboss.invocation.jrmp.server.jrmpinvoker" name="jboss:service=invoker,type=jrmp"> <attribute name="rmiobjectport">4444</attribute> <attribute name="serveraddress"> </attribute> - 6 -
10 <depends>jboss:service=transactionmanager</depends> </mbean> Here, the default value of "RMIObjectPort" was "${jboss.bind.address}", and is changed to " " Jetty Security Configuration Standard Version Control Standardized configuration management simplifies maintenance costs. Use the following Jetty version in the production system: Security Configuration Prohibit Directory Browsing Modify etc/webdefault.xml <init-param> <param-name>dirallowed</param-name> <param-value>false</param-value> </init-param> Set the "param-value" from the default value 'true' to 'false' Exception Page Processing Modify etc/webdefault.xml. By default, this file does not have this, and the following must be added <error-page> <error-code>500</error-code> <location>/</location> </error-page> <error-page> - 7 -
11 <error-code>501</error-code> <location>/</location> </error-page> <error-page> <error-code>502</error-code> <location>/</location> </error-page> <error-page> <error-code>503</error-code> <location>/</location> </error-page> <error-page> <error-code>404</error-code> <location>/</location> </error-page> Restrict File Parsing Types Modify etc/webdefault.xml, only retaining the content for jsp parsing: <servlet-mapping> <servlet-name>jsp</servlet-name> <url-pattern>*.jsp</url-pattern> <url-pattern>*.jsp</url-pattern> </servlet-mapping> Prohibit Server Version Display Change etc/jetty.xml from the default value 'true' to 'false': <Set name="sendserverversion">false</set> Prohibit CGI Delete the test.war file in the webapps/ directory Delete contexts/test.d. It is Ok to choose not to delete this file and the following one. The program will show an error upon startup, but this will not affect its actual use. Delete contexts/test.xml File Access Control #chmod 755 jetty/etc/* Tomcat Security Configuration - 8 -
12 Delete Tomcat's admin console software: Delete the admin.xml file in {Tomcat installation directory}\webapps Delete Tomcat's Manager console software: Delete the manager.xml file in {Tomcat installation directory}\webapps Nginx Configuration File type parsing vulnerability: In php.ini, set cgi.fix_pathinfo=0 FTP Configuration Version: Use the latest version of FileZilla Server or pure-ftpd Prohibit anonymous account login: Set NoAnonymous to yes Chapter 3 Application Security Web Application Security 1) If the image contains self-developed Web applications, they must meet the following specifications: If the Web application has a background-type or similar login interface, there may not be a default password. If there is a default password, the user must be forced to change it after the first login. Otherwise, the background function will be unavailable. Web applications are not allowed to have high-risk vulnerabilities, such as upload, SQL injection, command execution, or remote inclusion vulnerabilities. 2) If the image uses open-source Web applications (such as Discuz, PHPwind, and PHPCMS), it must use their latest official versions
Administering the JBoss 5.x Application Server
Administering the JBoss 5.x Application Server JBoss Application Server (AS) is one of the most popular open source Java application server on the market. The latest release, JBoss 5, is a Java EE 5 certified
More informationWhen the plug-in is installed, you get a new button, to go to Upgrade application screen:
Technical Documentation Reference : Plugin Install Auto Version : V1.0 Plug-in Install Auto Introduction The objective of this document is to explain how to use the plug-in "Install Auto". With this plug-in
More informationBitnami ProcessMaker Community Edition for Huawei Enterprise Cloud
Bitnami ProcessMaker Community Edition for Huawei Enterprise Cloud Description ProcessMaker is an easy-to-use, open source workflow automation and Business Process Management platform, designed so Business
More informationBitnami Piwik for Huawei Enterprise Cloud
Bitnami Piwik for Huawei Enterprise Cloud Description Piwik is a real time web analytics software program. It provides detailed reports on website visitors: the search engines and keywords they used, the
More informationTM1 9.0 SP2 UNIX Installation Help
TM1 9.0 SP2 UNIX Installation Help Table of Contents TM1 Installation for UNIX...1 This document is a printed version of the online help available from the Applix Installation Wizard.Welcome to the Applix
More informationXIA Configuration Server
XIA Configuration Server XIA Configuration Server v6 Cloud Services Quick Start Guide Tuesday, 20 May 2014 1 P a g e X I A C o n f i g u r a t i o n C l o u d S e r v i c e s Contents Overview... 3 Creating
More informationBitnami Ruby for Huawei Enterprise Cloud
Bitnami Ruby for Huawei Enterprise Cloud Description Bitnami Ruby Stack provides a complete development environment for Ruby on Rails that can be deployed in one click. It includes most popular components
More informationBitnami Pimcore for Huawei Enterprise Cloud
Bitnami Pimcore for Huawei Enterprise Cloud Description Pimcore is the open source platform for managing digital experiences. It is the consolidated platform for web content management, product information
More informationCYAN SECURE WEB Installing on Windows
CYAN SECURE WEB September 2009 Applies to: 1.7 and above Table of Contents 1 Introduction... 2 2 Preparation... 2 3 Network Integration... 3 3.1 Out-of-line Deployment... 3 3.2 DMZ Deployment... 3 4 Proxy
More informationSecuring Apache Tomcat. AppSec DC November The OWASP Foundation
Securing Apache Tomcat AppSec DC November 2009 Mark Thomas Senior Software Engineer & Consultant SpringSource mark.thomas@springsource.com +44 (0) 2380 111500 Copyright The Foundation Permission is granted
More informationLEMP Image Guide. Date Version Description. 7.15/2017 V1.2 Alibaba cloud Image doc V /2017 V1.1 Alibaba cloud Image doc V1.
LEMP Image Guide Date Version Description 7.15/2017 V1.2 Alibaba cloud Image doc V1.2 1.5/2017 V1.1 Alibaba cloud Image doc V1.1 11.25/2016 V1.0 Alibaba cloud Image doc V1.0 NOTE: By default, network access
More informationBitnami TestLink for Huawei Enterprise Cloud
Bitnami TestLink for Huawei Enterprise Cloud Description TestLink is test management software that facilitates software quality assurance. It offers support for test cases, test suites, test plans, test
More informationLOMBA KETERAMPILAN SISWA
LOMBA KETERAMPILAN SISWA SEKOLAH MENENGAH KEJURUAN TINGKAT NASIONAL XXV 2017 MODUL A LINUX ISLAND IT NETWORK SYSTEMS ADMINISTRATION LKS2017_ITNSA_MODUL_A 2 ISLAND A LINUX ISLAND CONTENTS This Test Project
More informationNesstar Server Configuration Tool User Guide
Nesstar Server Configuration Tool User Guide Version 3.50 The Configuration Tool allows the server Administrator to edit most of the server configuration properties and to perform basic administrative
More informationRed Hat JBoss Fuse 6.1
Red Hat JBoss Fuse 6.1 Management Console User Guide Managing your environment from the Web Last Updated: 2017-10-12 Red Hat JBoss Fuse 6.1 Management Console User Guide Managing your environment from
More informationBitnami JRuby for Huawei Enterprise Cloud
Bitnami JRuby for Huawei Enterprise Cloud Description JRuby is a 100% Java implementation of the Ruby programming language. It is Ruby for the JVM. JRuby provides a complete set of core built-in classes
More informationBitnami ez Publish for Huawei Enterprise Cloud
Bitnami ez Publish for Huawei Enterprise Cloud Description ez Publish is an Enterprise Content Management platform with an easy to use Web Content Management System. It includes role-based multi-user access,
More informationSugar Enterprise 6.5 Offline Client Guide
Sugar Enterprise 6.5 Offline Client Guide 1 / 11 Sugar Enterprise 6.5 Offline Client Guide... 3 Overview... 3 Conflict resolution... 3 Installation prerequisites... 4 Installing the Sugar Offline Client...
More informationBitnami Dolibarr for Huawei Enterprise Cloud
Bitnami Dolibarr for Huawei Enterprise Cloud Description Dolibarr is an open source, free software package for small and medium companies, foundations or freelancers. It includes different features for
More informationepldt Web Builder Security March 2017
epldt Web Builder Security March 2017 TABLE OF CONTENTS Overview... 4 Application Security... 5 Security Elements... 5 User & Role Management... 5 User / Reseller Hierarchy Management... 5 User Authentication
More informationBitnami OSQA for Huawei Enterprise Cloud
Bitnami OSQA for Huawei Enterprise Cloud Description OSQA is a question and answer system that helps manage and grow online communities similar to Stack Overflow. First steps with the Bitnami OSQA Stack
More informationVMware Identity Manager Connector Installation and Configuration (Legacy Mode)
VMware Identity Manager Connector Installation and Configuration (Legacy Mode) VMware Identity Manager This document supports the version of each product listed and supports all subsequent versions until
More informationBitnami Tiny Tiny RSS for Huawei Enterprise Cloud
Bitnami Tiny Tiny RSS for Huawei Enterprise Cloud Description Tiny Tiny RSS is an open source web-based news feed (RSS/Atom) reader and aggregator, designed to allow you to read news from any location,
More informationBitnami JFrog Artifactory for Huawei Enterprise Cloud
Bitnami JFrog Artifactory for Huawei Enterprise Cloud Description JFrog Artifactory is a Binary Repository Manager for Maven, Ivy, Gradle modules, etc. Integrates with CI servers for fully traceable builds.
More informationServer Installation Guide
Server Installation Guide Server Installation Guide Legal notice Copyright 2018 LAVASTORM ANALYTICS, INC. ALL RIGHTS RESERVED. THIS DOCUMENT OR PARTS HEREOF MAY NOT BE REPRODUCED OR DISTRIBUTED IN ANY
More informationBitnami Coppermine for Huawei Enterprise Cloud
Bitnami Coppermine for Huawei Enterprise Cloud Description Coppermine is a multi-purpose, full-featured web picture gallery. It includes user management, private galleries, automatic thumbnail creation,
More informationBitnami ERPNext for Huawei Enterprise Cloud
Bitnami ERPNext for Huawei Enterprise Cloud Description ERPNext is an open source, web based application that helps small and medium sized business manage their accounting, inventory, sales, purchase,
More informationCyberP3i Hands-on Lab Series
CyberP3i Hands-on Lab Series Lab Series using NETLAB Designer: Dr. Lixin Wang, Associate Professor Hands-On Lab for Application Attacks The NDG Security+ Pod Topology Is Used 1. Introduction In this lab,
More informationWeb Penetration Testing
Web Penetration Testing What is a Website How to hack a Website? Computer with OS and some servers. Apache, MySQL...etc Contains web application. PHP, Python...etc Web application is executed here and
More informationIf you prefer to use your own SSH client, configure NG Admin with the path to the executable:
Each Barracuda NG Firewall system is routinely equipped with an SSH daemon listening on TCP port 22 on all administrative IP addresses (the primary box IP address and all other IP addresses that administrative
More informationBitnami DokuWiki for Huawei Enterprise Cloud
Bitnami DokuWiki for Huawei Enterprise Cloud Description DokuWiki is a standards-compliant, simple to use wiki optimized for creating documentation. It is targeted at developer teams, workgroups, and small
More informationBitnami Open Atrium for Huawei Enterprise Cloud
Bitnami Open Atrium for Huawei Enterprise Cloud Description Open Atrium is designed to help teams collaborate by providing an intranet platform that includes a blog, a wiki, a calendar, a to do list, a
More informationPerforming Maintenance Operations
This chapter describes how to back up and restore Cisco Mobility Services Engine (MSE) data and how to update the MSE software. It also describes other maintenance operations. Guidelines and Limitations,
More informationInstalling MySQL Subscriber Database
CHAPTER 2 This chapter describes how the optional MySQL subscriber database is installed for use with the Cisco SIP Proxy Server. An installation script, install_mysql_db, is used. This script only runs
More informationFtp Command Line Manual Windows Username Password Linux
Ftp Command Line Manual Windows Username Password Linux Midnight Commander is a console based full-screen text mode File Manager that allows you to copy, MC has many features which are useful for a user
More informationOverview 1 Preparing for installation 2
Contents Overview 1 Preparing for installation 2 Network requirements 2 Server requirements 2 Hardware requirements 2 Software requirements 2 Client requirements 2 Pre-installation checklist 3 Installing
More informationHost at 2freehosting.Com
Host at 2freehosting.Com This document will help you to upload your website to a free website hosting account at www.2freehosting.com/. Follow all the steps carefully in the order that they appear to ensure
More informationBitnami Trac for Huawei Enterprise Cloud
Bitnami Trac for Huawei Enterprise Cloud Description Trac is an enhanced wiki and issue tracking system for software development projects. It provides interfaces to Subversion and Git, an integrated Wiki
More informationBitnami OroCRM for Huawei Enterprise Cloud
Bitnami OroCRM for Huawei Enterprise Cloud Description OroCRM is a flexible open-source CRM application. OroCRM supports your business no matter the vertical. If you are a traditional B2B company, franchise,
More informationBitnami MEAN for Huawei Enterprise Cloud
Bitnami MEAN for Huawei Enterprise Cloud Description Bitnami MEAN Stack provides a complete development environment for mongodb and Node.js that can be deployed in one click. It includes the latest stable
More informationBitnami Re:dash for Huawei Enterprise Cloud
Bitnami Re:dash for Huawei Enterprise Cloud Description Re:dash is an open source data visualization and collaboration tool. It was designed to allow fast and easy access to billions of records in all
More informationBitnami Spree for Huawei Enterprise Cloud
Bitnami Spree for Huawei Enterprise Cloud Description Spree is an e-commerce platform that was designed to make customization and upgrades as simple as possible. It includes support for product variants,
More informationReplacing Windows Servers with Linux
Replacing Windows Servers with Linux Mark Post Novell, Inc. Wednesday, February 14, 2007 Session 9281 Agenda Reasons to move away from Microsoft Windows What Windows functions can be replaced? What can
More informationBitnami Mantis for Huawei Enterprise Cloud
Bitnami Mantis for Huawei Enterprise Cloud Description Mantis is a complete bug-tracking system that includes role-based access controls, changelog support, built-in reporting and more. A mobile client
More informationCrystal Enterprise. Overview. Contents. Web Server Overview - Internet Information System (IIS)
Overview Contents This document provides an overview to web server technology particularly Microsoft s Internet Information Server (IIS) and its relationship with. Although this article has been written
More informationLive Data Connection to SAP Universes
Live Data Connection to SAP Universes You can create a Live Data Connection to SAP Universe using the SAP BusinessObjects Enterprise (BOE) Live Data Connector component deployed on your application server.
More informationUSER MANUAL. DynamicsPort - Customer Portal for Dynamics CRM TABLE OF CONTENTS. Version: 1.1
USER MANUAL TABLE OF CONTENTS Introduction... 1 Benefits of Customer Portal... 1 Prerequisites... 1 Installation... 2 Dynamics CRM Plug-in Installation... 2 Plug-in Configuration... 5 Dynamics CRM Configuration
More informationDeployment Guide. 3.1 For Windows For Linux Docker image Windows Installation Installation...
TABLE OF CONTENTS 1 About Guide...1 2 System Requirements...2 3 Package...3 3.1 For Windows... 3 3.2 For Linux... 3 3.3 Docker image... 4 4 Windows Installation...5 4.1 Installation... 5 4.1.1 Install
More informationK-RATE INSTALLATION MANUAL
K-RATE INSTALLATION MANUAL K-Rate Installation Manual Contents SYSTEM REQUIREMENTS... 3 1. DOWNLOADING K-RATE... 4 STEP 1: LOGIN TO YOUR MEMBER ACCOUNT... 4 STEP 2: ENTER DOMAIN NAME... 5 STEP 3: DOWNLOAD
More informationREV. NO. CHANGES DATE. 000 New Document 5 May 2014
DOCUMENT HISTORY REV. NO. CHANGES DATE 000 New Document 5 May 2014 PROPRIETARY INFORMATION The information contained in this document is the property of Global Vision, Inc. Information contained in this
More informationEffacts 4 Installation Guide
Effacts 4 Installation Guide Contents 1. Introduction... 2 2. Prerequisites... 3 Server... 3 Database... 3 Document Location... 3 Data files... 3 Sending emails... 3 Downloading the software... 3 3. Upgrading
More informationKEIL software. Index of contents INSTALLATION
Index of contents 1. Important information 1.1. Requirements 1.2. Additional language files 1.3. Thumbnail creation and resizing 1.4. Data protection and shop security 2. Installation 2.1. FTP upload 2.2.
More informationConfiguring SAP Targets and Runtime Users
CHAPTER 4 Before you can create or run processes in your SAP environment, you must create the targets on which the processes will run. Targets are used to define specific environments where activities,
More informationUSER MANUAL. DynamicsPort - Customer Portal for Dynamics CRM TABLE OF CONTENTS. Version: 1.2
USER MANUAL TABLE OF CONTENTS Introduction... 1 Benefits of Customer Portal... 1 Prerequisites... 1 Installation... 2 Dynamics CRM Plug-in Installation... 2 Plug-in Configuration... 5 Dynamics CRM Configuration
More informationConfiguring User Defined Patterns
The allows you to create customized data patterns which can be detected and handled according to the configured security settings. The uses regular expressions (regex) to define data type patterns. Custom
More informationLoad Balancing Sage X3 ERP. Deployment Guide v Copyright Loadbalancer.org, Inc
Load Balancing Sage X3 ERP Deployment Guide v1.0.1 Copyright 2002 2017 Loadbalancer.org, Inc Table of Contents 1. About this Guide...3 2. Deployment...3 3. Initial Setup...3 Accessing the Loadbalancer.org
More informationLOMBA KETERAMPILAN SISWA
LOMBA KETERAMPILAN SISWA SEKOLAH MENENGAH KEJURUAN TINGKAT PROVINSI BALI TAHUN 2017 MODUL 1 SYSTEM INTEGRATION ISLAND IT NETWORK SYSTEMS ADMINISTRATION LKS2017_ITNSA_MODUL1 KEMENTERIAN PENDIDIKAN DAN KEBUDAYAAN
More informationNCM and LMS Co-residency Installation
2 CHAPTER This chapter describes the CiscoWorks NCM and LMS co-residency installation procedures on a Windows server and includes the following sections: Co-residency Installation Summary, page 2-1 Detailed
More informationPlateSpin Transformation Manager Appliance Guide. June 2018
PlateSpin Transformation Manager Appliance Guide June 2018 Legal Notice For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights,
More informationLinux Administration
Linux Administration This course will cover all aspects of Linux Certification. At the end of the course delegates will have the skills required to administer a Linux System. It is designed for professionals
More informationEnhydra 6.2 Application Architecture. Tanja Jovanovic
Enhydra 6.2 Application Architecture Tanja Jovanovic Table of Contents 1.Introduction...1 2. The Application Object... 2 3. The Presentation Object... 4 4. Writing Presentation Objects with XMLC... 6 5.
More informationMetasploit. Installation Guide Release 4.4
Metasploit Installation Guide Release 4.4 TABLE OF CONTENTS About this Guide Target Audience...1 Organization...1 Document Conventions...1 Support...2 Support for Metasploit Pro and Metasploit Express...2
More informationDatabase Security Service. FAQs. Issue 19 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 19 Date 2019-04-08 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2019. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
More informationINSTALLING RACHEL ON SYNOLOGY GIAKONDA IT
INSTALLING RACHEL ON SYNOLOGY GIAKONDA IT To add RACHEL to a Synology server there are a few stages to go through. First we need to ready the server for web use. Then we have to obtain a copy of the RACHEL
More informationManually Password Protect Directories Apache Ubuntu
Manually Password Protect Directories Apache Ubuntu Apache can be configured to force users to login before being Password protection can be useful for securing a directory that planning to edit them manually,
More informationSmartPatch. Installation Manual Version 6.x
SmartPatch Installation Manual Version 6.x Copyright Copyright 2017 Brand-Rex Ltd. All rights reserved. No part of this publication or of the SmartPatch software, in source code or object code form, may
More informationReseda E-Shop Manual
University of Fribourg, Switzerland Department of Computer Science Software Engineering Group Reseda E-Shop Manual 01.05.2006 Version: 1.0 Contents 1 Manual Install Evaluation 4 1.1 Overview..............................
More information2 Oracle WebLogic Overview Prerequisites Baseline Architecture...6
Table of Contents 1 Oracle Access Manager Integration...1 1.1 Overview...1 1.2 Prerequisites...1 1.3 Deployment...1 1.4 Integration...1 1.5 Authentication Process...1 2 Oracle WebLogic...2 3 Overview...3
More informationHow to open ports in the DSL router firmware version 2.xx and above
How to open ports in the DSL router firmware version 2.xx and above This example shows how to open port 3389 (which is used by Remote Desktop service) in the DSL router running firmware version 2.xx or
More informationApsaraDB for RDS. Quick Start (PostgreSQL)
Getting started with ApsaraDB The Alibaba Relational Database Service (RDS) is a stable, reliable, and auto-scaling online database service. Based on the Apsara distributed file system and high-performance
More informationWe want to install putty, an ssh client on the laptops. In the web browser goto:
We want to install putty, an ssh client on the laptops. In the web browser goto: www.chiark.greenend.org.uk/~sgtatham/putty/download.html Under Alternative binary files grab 32 bit putty.exe and put it
More informationMysql Tutorial Create Database Username Password Through Phpmyadmin
Mysql Tutorial Create Database Username Password Through Phpmyadmin Convert plain text to MD5 Hash and edit your MySQL Database. Every WordPress blog uses a MySQL Database which can be accessed through
More informationLevel 2 Support Services. V This version of the document cancels all previous published versions
Level 2 Support Services V1.4-2018-05-28 This version of the document cancels all previous published versions INDEX Services and Software supported 4 Operating systems 6 Control panels 10 Virtualization
More informationLucid Key Server. Help Documentation.
Lucid Key Server Help Documentation www.lucidcentral.org Help for the Lucid Key Server Welcome to the Lucid Key Server, one member of the Lucid family of products. For more information on other Lucid and
More informationEXTENSION FOR MAGENTO 2. (Updated May 23 rd 2017) INSTALLATION GUIDE
EXTENSION FOR MAGENTO 2 (Updated May 23 rd 2017) INSTALLATION GUIDE Confidential Information Notice Copyright 2017. All Rights Reserved. Any unauthorized reproduction of this document is prohibited. This
More informationCopyright Maxprograms
Copyright 2008-2017 Maxprograms Table of Contents Introduction... 1 RemoteTM Web Server... 1 Installation and Configuration... 2 Requirements... 2 Preparation... 2 Installation... 2 Email Server Configuration...
More informationBitnami Apache Solr for Huawei Enterprise Cloud
Bitnami Apache Solr for Huawei Enterprise Cloud Description Apache Solr is an open source enterprise search platform from the Apache Lucene project. It includes powerful full-text search, highlighting,
More informationUpgrade Guide Version 7.2
Upgrade Guide Version 7.2 Copyright IBM Corporation 2017 1 Resiliency Orchestration Upgrade Guide DISCLAIMER IBM believes that the information in this publication is accurate as of its publication date.
More informationCA IT Process Automation Manager Best Practices
CA BEST PRACTICES CA IT Process Automation Manager Best Practices Securability Guidelines DRAFT DOCUMENT FEEDBACK WELCOME! LEGAL NOTICE This publication is based on current information and resource allocations
More informationPhpmyadmin Error In Processing Request Error Code 200
Phpmyadmin Error In Processing Request Error Code 200 Error in Processing Request Error code: 200. Error text: OK. Yes..the JSON will be generated, but there will be also inserted a part for "phpmyadmin".
More informationJDK-WildFly-NetBeans Setup Local
@author R.L. Martinez, Ph.D. Table of Contents Overview... 1 Security Notice... 2 Download and Install Latest Stable JDK... 2 Download and Install Latest Stable WildFly... 6 Download and Install Latest
More information2. Installing OpenBiblio 1.0 on a Windows computer
Table of Contents Installing OpenBiblio 1. System requirements... 1 2. Installing OpenBiblio 1.0 on a Windows computer... 1 2.1. Install prerequisite software... 1 2.2. Install OpenBiblio... 2 2.3. Using
More informationJBoss to Geronimo - EJB-Session Beans Migration
JBoss to Geronimo - EJB-Session Beans Migration A typical J2EE application may contain Enterprise JavaBeans or EJBs. These beans contain the application's business logic and live business data. Although
More informationNet LineDancer v13. Install Guide for Linux. Revision History
Net LineDancer v13 Install Guide for Linux Revision History Revision Subject Revisions First Edition (v13.08) Created as a First Edition (2013/09/03) LogicVein, Inc. www.logicvein.com Tel: +81-44-852-4200
More informationVIRTUAL GPU LICENSE SERVER VERSION , , AND 5.1.0
VIRTUAL GPU LICENSE SERVER VERSION 2018.10, 2018.06, AND 5.1.0 DU-07754-001 _v7.0 through 7.2 March 2019 User Guide TABLE OF CONTENTS Chapter 1. Introduction to the NVIDIA vgpu Software License Server...
More informationPRODUCT DOCUMENTATION. Installing and Implementing Enterprise Contact Center Chat RELEASE 5.1
PRODUCT DOCUMENTATION Installing and Implementing Enterprise Contact Center Chat RELEASE 5.1 Document and Software Copyrights Copyright 1998 2009 ShoreTel, Inc. All rights reserved. Printed in the United
More informationRegarding the quality attributes, the architecture of the system must be:
The SDSS System Overview This chapter gives an overview of the software architecture of the RiskChanges SDSS system. One of the objectives within the project is the development of a SDSS system for probabilistic
More informationWeb Security. Jace Baker, Nick Ramos, Hugo Espiritu, Andrew Le
Web Security Jace Baker, Nick Ramos, Hugo Espiritu, Andrew Le Topics Web Architecture Parameter Tampering Local File Inclusion SQL Injection XSS Web Architecture Web Request Structure Web Request Structure
More informationLoad Balancing Nginx Web Servers with OWASP Top 10 WAF in AWS
Load Balancing Nginx Web Servers with OWASP Top 10 WAF in AWS Quick Reference Guide V1.0.2 ABOUT THIS GUIDE This document provides a quick reference guide on how to load balance Nginx Web Servers and configure
More informationReset the Admin Password with the ExtraHop Rescue CD
Reset the Admin Password with the ExtraHop Rescue CD Published: 2018-01-19 This guide explains how to reset the administration password on physical and virtual ExtraHop appliances with the ExtraHop Rescue
More informationHomework #7 Amazon Elastic Compute Cloud Web Services
Homework #7 Amazon Elastic Compute Cloud Web Services This semester we are allowing all students to explore cloud computing as offered by Amazon s Web Services. Using the instructions below one can establish
More informationVMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway
VMware AirWatch Content Gateway for Linux VMware Workspace ONE UEM 1811 Unified Access Gateway You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationLecture 7: Web hacking 3, SQL injection, Xpath injection, Server side template injection, File inclusion
IN5290 Ethical Hacking Lecture 7: Web hacking 3, SQL injection, Xpath injection, Server side template injection, File inclusion Universitetet i Oslo Laszlo Erdödi Lecture Overview What is SQL injection
More informationCedCommerce. All rights reserved.
CedCommerce. All rights reserved. SUPPORT@CEDCOMMERCE.COM 1 Module Installation Guide Version 2.0 2 Installation Here we are explaining different steps to install the CedCommerce Modules or Extensions.
More informationULTEO OPEN VIRTUAL DESKTOP SUSE LINUX ENTERPRISE SERVER (SLES) 11 SP1 SUPPORT
ULTEO OPEN VIRTUAL DESKTOP V4.0.2 SUSE LINUX ENTERPRISE SERVER (SLES) 11 SP1 SUPPORT Contents 1 Prerequisites: SUSE Linux Enterprise Server (SLES) 11 SP1 3 1.1 System Requirements..............................
More information(Worth 50% of overall Project 1 grade)
第 1 页共 8 页 2011/11/8 22:18 (Worth 50% of overall Project 1 grade) You will do Part 3 (the final part) of Project 1 with the same team as for Parts 1 and 2. If your team partner dropped the class and you
More informationBI Office. Web Authentication Model Guide Version 6
Web Authentication Model Guide Version 6 Copyright Pyramid Analytics 2010-2016 Contents 1. Web Authentication Model Overview... 3 A. Basic Authentication Models... 3 B. Windows Authentication Models...
More informationFUEGO 5.5 WORK PORTAL. (Using Tomcat 5) Fernando Dobladez
FUEGO 5.5 WORK PORTAL SINGLE-SIGN-ON WITH A WINDOWS DOMAIN (Using Tomcat 5) Fernando Dobladez ferd@fuego.com December 30, 2005 3 IIS CONFIGURATION Abstract This document describes a way of configuring
More informationSmart ATA Binary Upgrade Procedure
NetGen Communications, Inc. Smart ATA Binary Upgrade Procedure http://www.netgencommunications.com support@netgencommunications.com 770-449-7704 Amendent Records Document Rev. 01 (July, 2014 ) Copyright
More informationFlexible Engine. Startup Guide
Flexible Engine Startup Guide This guide presents the deployment of a web server accessible from the internet and its database, on the Flexible Engine platform 2017 Orange Business Services version July
More information