|
OpenSMTPD
OpenSMTPD (also known as OpenBSD SMTP Server) is a Unix daemon implementing the Simple Mail Transfer Protocol to deliver messages on a local machine or to relay them to other SMTP servers. It was publicly released on 17 March 2013 with version number 5.3, after being in development since late 2008. OpenSMTPD is primarily developed by Gilles Chehade, Eric Faurot and Charles Longeau as part of the OpenBSD project. Its design goals include security, reliability, ease of configuration, and support for common use cases. The source code is available under the ISC license. Its portable version, like that of OpenSSH, is developed as a child project which adds the portability code to the OpenBSD version and releases it separately. The portable version was initiated by Charles Longeau and adds support for multiple operating systems including NetBSD, FreeBSD, DragonFly BSD, and several Linux distributions. History The development of OpenSMTPD was motivated by a combination of issues wit ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenBSD
OpenBSD is a security-focused operating system, security-focused, free and open-source, Unix-like operating system based on the Berkeley Software Distribution (BSD). Theo de Raadt created OpenBSD in 1995 by fork (software development), forking NetBSD 1.0. According to the website, the OpenBSD project emphasizes "portability, standardization, correctness, proactive security and integrated cryptography." The OpenBSD project maintains software portability, portable versions of many subsystems as package manager, packages for other operating systems. Because of the project's preferred BSD license, many components are reused in proprietary and corporate-sponsored software projects. The firewall (computing), firewall code in Apple Inc., Apple's macOS is based on OpenBSD's PF (firewall), PF firewall code, Android (operating system), Android's Bionic (software), Bionic C standard library is based on OpenBSD code, LLVM uses OpenBSD's regular expression library, and Windows 10 uses OpenSSH ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Simple Mail Transfer Protocol
The Simple Mail Transfer Protocol (SMTP) is an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages. User-level email clients typically use SMTP only for sending messages to a mail server for relaying, and typically submit outgoing email to the mail server on port 587 or 465 per . For retrieving messages, IMAP (which replaced the older POP3) is standard, but proprietary servers also often implement proprietary protocols, e.g., Exchange ActiveSync. SMTP's origins began in 1980, building on concepts implemented on the ARPANET since 1971. It has been updated, modified and extended multiple times. The protocol version in common use today has extensible structure with various extensions for authentication, encryption, binary data transfer, and internationalized email addresses. SMTP servers commonly use the Transmission Control Protocol on port number 25 (for plaintex ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Use Case
In software and systems engineering, the phrase use case is a polyseme with two senses: # A usage scenario for a piece of software; often used in the plural to suggest situations where a piece of software may be useful. # A potential scenario in which a system receives an external request (such as user input) and responds to it. This article discusses the latter sense. A ''use case'' is a list of actions or event steps typically defining the interactions between a role (known in the Unified Modeling Language (UML) as an '' actor'') and a system to achieve a goal. The actor can be a human or another external system. In systems engineering, use cases are used at a higher level than within software engineering, often representing missions or stakeholder goals. The detailed requirements may then be captured in the Systems Modeling Language (SysML) or as contractual statements. History In 1987, Ivar Jacobson presented the first article on use cases at the OOPSLA'87 confer ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
BSD Software
The Berkeley Software Distribution or Berkeley Standard Distribution (BSD) is a discontinued operating system based on Research Unix, developed and distributed by the Computer Systems Research Group (CSRG) at the University of California, Berkeley. The term "BSD" commonly refers to its open-source descendants, including FreeBSD, OpenBSD, NetBSD, and DragonFly BSD. BSD was initially called Berkeley Unix because it was based on the source code of the original Unix developed at Bell Labs. In the 1980s, BSD was widely adopted by workstation vendors in the form of proprietary Unix variants such as DEC Ultrix and Sun Microsystems SunOS due to its permissive licensing and familiarity to many technology company founders and engineers. Although these proprietary BSD derivatives were largely superseded in the 1990s by UNIX SVR4 and OSF/1, later releases provided the basis for several open-source operating systems including FreeBSD, OpenBSD, NetBSD, DragonFly BSD, Darwin, and TrueOS. ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Message Transfer Agents
Within the Internet email system, a message transfer agent (MTA), or mail transfer agent, or mail relay is software that transfers electronic mail messages from one computer to another using SMTP. The terms mail server, mail exchanger, and MX host are also used in some contexts. Messages exchanged across networks are passed between mail servers, including any attached data files (such as images, multimedia or documents). These servers also often keep mailboxes for email. Access to this email by end users is typically either via webmail or an email client. Operation A message transfer agent receives mail from either another MTA, a mail submission agent (MSA), or a mail user agent (MUA). The transmission details are specified by the Simple Mail Transfer Protocol (SMTP). When a recipient mailbox of a message is not hosted locally, the message is relayed, that is, forwarded to another MTA. Every time an MTA receives an email message, it adds a trace header field to the top of the he ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Privilege Escalation
Privilege escalation is the act of exploiting a bug, a design flaw, or a configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. The result is that an application with more privileges than intended by the application developer or system administrator can perform unauthorized actions. Background Most computer systems are designed for use with multiple user accounts, each of which has abilities known as privileges. Common privileges include viewing and editing files or modifying system files. Privilege escalation means users receive privileges they are not entitled to. These privileges can be used to delete files, view private information, or install unwanted programs such as viruses. It usually occurs when a system has a bug that allows security to be bypassed or, alternatively, has flawed design assumptions about how it will be used. Privilege escalation occurs in tw ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Privilege Separation
In computer programming and computer security, privilege separation is one software-based technique for implementing the principle of least privilege. With privilege separation, a program is divided into parts which are limited to the specific privileges they require in order to perform a specific task. This is used to mitigate the potential damage of a computer security vulnerability. A common method to implement privilege separation is to have a computer program fork into two processes. The main program drops privileges, and the smaller program keeps privileges in order to perform a certain task. The two halves then communicate via a socket pair. Thus, any successful attack against the larger program will gain minimal access, even though the pair of programs will be capable of performing privileged operations. Privilege separation is traditionally accomplished by distinguishing a ''real'' user ID/ group ID from the ''effective'' user ID/group ID, using the setuid(2)/ setgid ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Strlcpy
The C programming language has a set of functions implementing operations on strings (character strings and byte strings) in its standard library. Various operations, such as copying, concatenation, tokenization and searching are supported. For character strings, the standard library uses the convention that strings are null-terminated: a string of characters is represented as an array of elements, the last of which is a character (with numeric value 0). The only support for strings in the programming language proper is that the compiler translates quoted string constants into null-terminated strings. Definitions A string is defined as a contiguous sequence of code units terminated by the first zero code unit (often called the ''NUL'' code unit). This means a string cannot contain the zero code unit, as the first one seen marks the end of the string. The ''length'' of a string is the number of code units before the zero code unit. The memory occupied by a string is al ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Qualys
Qualys, Inc. provides cloud security, compliance and related services and is based in Foster City, California. Qualys provides vulnerability management solutions using a "software as a service" (SaaS) model. It has added cloud-based compliance and web application security offerings. Qualys has over 10,300 customers in more than 130 countries, including a majority of the Forbes Global 100. The company has strategic partnerships with major managed services providers and consulting organizations including BT, Dell SecureWorks, Fujitsu, IBM, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). History Qualys has been described as "one of the earliest software-as-a-service security vendors." Philippe Courtot first invested in the company in 1999. He became CEO and board chair in 2001. In the announcement of the second round of financing, Courtot described Qualys as addressing a "mounting need for automatic detection of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Security Audit
An information security audit is an audit on the level of information security in an organization. It is an independent review and examination of system records, activities and related documents. These audits are intended to improve the level of information security, avoid improper information security designs, and optimize the efficiency of the security safeguards and security processes. Within the broad scope of auditing information security there are multiple types of audits, multiple objectives for different audits, etc. Most commonly the controls being audited can be categorized to technical, physical and administrative. Auditing information security covers topics from auditing the physical security of data centers to auditing the logical security of databases, and highlights key components to look for and different methods for auditing these areas. When centered on the Information technology (IT) aspects of information security, it can be seen as a part of an information tech ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
DragonFly BSD
DragonFly BSD is a free and open-source Unix-like operating system forked from FreeBSD 4.8. Matthew Dillon, an Amiga developer in the late 1980s and early 1990s and FreeBSD developer between 1994 and 2003, began working on DragonFly BSD in June 2003 and announced it on the FreeBSD mailing lists on 16 July 2003. Dillon started DragonFly in the belief that the techniques adopted for threading and symmetric multiprocessing in FreeBSD 5 would lead to poor performance and maintenance problems. He sought to correct these anticipated problems within the FreeBSD project. Due to conflicts with other FreeBSD developers over the implementation of his ideas, his ability to directly change the codebase was eventually revoked. Despite this, the DragonFly BSD and FreeBSD projects still work together, sharing bug fixes, driver updates, and other improvements. Intended as the logical continuation of the FreeBSD 4.x series, DragonFly has diverged significantly from FreeBSD, implementing l ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
OpenSSH
OpenSSH (also known as OpenBSD Secure Shell) is a suite of secure networking utilities based on the Secure Shell (SSH) protocol, which provides a secure channel over an unsecured network in a client–server architecture. Network Working Group of the IETF, January 2006, RFC 4252, The Secure Shell (SSH) Authentication Protocol. OpenSSH started as a fork of the free SSH program developed by Tatu Ylönen; later versions of Ylönen's SSH were proprietary software offered by SSH Communications Security. OpenSSH was first released in 1999 and is currently developed as part of the OpenBSD operating system. OpenSSH is not a single computer program, but rather a suite of programs that serve as alternatives to unencrypted protocols like Telnet and FTP. OpenSSH is integrated into several operating systems, namely Microsoft Windows, macOS and most Linux operating systems, while the portable version is available as a package in other systems. History OpenBSD Secure Shell ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
